Unique contexts of authenticated users

Asked

Viewed 151 times

4

Using the @Gypsy recommended method in this answer (It is possible to leave connectionString dynamically?), I was able to get a dynamic connection, and using the idea of mapping a context with the user data as a database name, host, etc... I came across another problem: To each logged-in user, the data contained in the context is overwritten by the data of the latest authenticated user.

What an elegant way to create a context for each user logged into the system where there is no interference from the other?

Cookies? Sessions?

Update

Bank change is made at any time when the entity is called:

public EntidadesDCSystem(string str = "Conexao") : base(str)
    {
        if (HttpContext.Current.User.Identity.IsAuthenticated)
        {
            var user = HttpContext.Current.Session["usrProfile"] as UsuarioContexto;
            this.MudarBanco(database: user.database, configConnectionStringName: "Conexao");
        }
    }

I did so (with Session) because it was the only way I could find for user data not to mix. Follow where I mount this Session, which is at user login time.

[HttpPost]
    public ActionResult Login(AuthLogin form, string returnUrl)
    {
        ...

        //FormsAuthentication.SetAuthCookie(usr.nome, true);
        var userData = usr.descricao + '|' + usr.usuarioid;

        var ticket = new FormsAuthenticationTicket(1,
            usr.nome,
            DateTime.Now,
            DateTime.Now.AddHours(8),
            true,
            userData);

        var encTicket = FormsAuthentication.Encrypt(ticket);

        var userProfile = new UsuarioContexto
        {
            nome = usr.nome,
            userid = usr.usuarioid,
            database = usr.conexao
        };

        Session["usrProfile"] = userProfile;

        ...
    }
  • It depends. How are you doing the application authentication? I don’t know how it works in most cases, but using ASP.NET Identity, it shouldn’t happen not...

  • I still use the Formsauthentication rs

  • Okay, and at what point are you making the database switch? Is there any way to post this code? (Not what makes the switch, but what do you call it)

  • As I mentioned in the edit, the exchange occurs every time the entity is called, through data passed by the login created by Session. @jbueno

  • Have you ever taken a look at Claims?

  • @Jcsaint So, in the project I am working with formsAuthentication, Claims is not pro Identity?

Show 1 more comment

1 answer

0

What an elegant way to create a context for each user logged into the system where there is no interference from the other?

Cookies? Sessions?

Cookies would be the best alternative. The data that characterize each user stays in their machines and the system identifies which the correct connection by request.

About its implementation, Session has problems with load balancing. A suggestion using Cookies would be:

var meuCookie = new HttpCookie("MeuCookie");

meuCookie.Values["Usuário"] = // Coloque o nome ou Id do Usuário aqui como String.
meuCookie.Expires = DateTime.Now.AddMinutes(60);
Response.Cookies.Add(meuCookie);

Reading:

var meuCookie = new HttpCookie("MeuCookie");
meuCookie = Request.Cookies["MeuCookie"];

if (meuCookie == null) 
    throw new Exception("Informação do usuário não encontrada.");

var usuario = meuCookie.Values["Usuário"];

Browser other questions tagged

You are not signed in. Login or sign up in order to post.