Unique contexts of authenticated users

Question

Unique contexts of authenticated users

Asked 7 years, 8 months ago

Viewed 151 times

4

Using the @Gypsy recommended method in this answer (It is possible to leave connectionString dynamically?), I was able to get a dynamic connection, and using the idea of mapping a context with the user data as a database name, host, etc... I came across another problem: To each logged-in user, the data contained in the context is overwritten by the data of the latest authenticated user.

What an elegant way to create a context for each user logged into the system where there is no interference from the other?

Cookies? Sessions?

Update

Bank change is made at any time when the entity is called:

public EntidadesDCSystem(string str = "Conexao") : base(str)
    {
        if (HttpContext.Current.User.Identity.IsAuthenticated)
        {
            var user = HttpContext.Current.Session["usrProfile"] as UsuarioContexto;
            this.MudarBanco(database: user.database, configConnectionStringName: "Conexao");
        }
    }

I did so (with Session) because it was the only way I could find for user data not to mix. Follow where I mount this Session, which is at user login time.

[HttpPost]
    public ActionResult Login(AuthLogin form, string returnUrl)
    {
        ...

        //FormsAuthentication.SetAuthCookie(usr.nome, true);
        var userData = usr.descricao + '|' + usr.usuarioid;

        var ticket = new FormsAuthenticationTicket(1,
            usr.nome,
            DateTime.Now,
            DateTime.Now.AddHours(8),
            true,
            userData);

        var encTicket = FormsAuthentication.Encrypt(ticket);

        var userProfile = new UsuarioContexto
        {
            nome = usr.nome,
            userid = usr.usuarioid,
            database = usr.conexao
        };

        Session["usrProfile"] = userProfile;

        ...
    }

It depends. How are you doing the application authentication? I don’t know how it works in most cases, but using ASP.NET Identity, it shouldn’t happen not...

– Jéf Bueno

2016/11/01 at 19:00
I still use the Formsauthentication rs

– Matheus Silva

2016/11/01 at 19:12
Okay, and at what point are you making the database switch? Is there any way to post this code? (Not what makes the switch, but what do you call it)

– Jéf Bueno

2016/11/01 at 19:18
As I mentioned in the edit, the exchange occurs every time the entity is called, through data passed by the login created by Session. @jbueno

– Matheus Silva

2016/11/03 at 10:06
Have you ever taken a look at Claims?

– JcSaint

2016/11/03 at 10:21
@Jcsaint So, in the project I am working with formsAuthentication, Claims is not pro Identity?

– Matheus Silva

2016/11/08 at 12:01

Show 1 more comment

1 answer

Browser other questions tagged c# asp.net-mvc entity-framework asp.net-mvc-5

You are not signed in. Login or sign up in order to post.

by Leonel Sanches da Silva • **88,623** points · Answer 1 · 2017-02-02T17:39:13+00:00

What an elegant way to create a context for each user logged into the system where there is no interference from the other?

Cookies? Sessions?

Cookies would be the best alternative. The data that characterize each user stays in their machines and the system identifies which the correct connection by request.

About its implementation, Session has problems with load balancing. A suggestion using Cookies would be:

var meuCookie = new HttpCookie("MeuCookie");

meuCookie.Values["Usuário"] = // Coloque o nome ou Id do Usuário aqui como String.
meuCookie.Expires = DateTime.Now.AddMinutes(60);
Response.Cookies.Add(meuCookie);

Reading:

var meuCookie = new HttpCookie("MeuCookie");
meuCookie = Request.Cookies["MeuCookie"];

if (meuCookie == null) 
    throw new Exception("Informação do usuário não encontrada.");

var usuario = meuCookie.Values["Usuário"];