Home/ Questions/Q 4341588
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-21T11:30:19+00:00

What is the recommended solution for keeping track of the current user in a

  • 0

What is the recommended solution for keeping track of the current user in a site using OpenId? Say I have a Users table with an id and a claimed identifier and then my site specific info and the user wants to update their site specific info. What is the best way to track the current user given that I am not using the built in membership? Should I send a request to openid to get the ClaimedIdentifier each time a user attempts to update their profile? Or perhaps just enforce a UserName be unique and get the user’s info based off of User.Identity.Name?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I do it with a cookie :)… you might find my answer useful: What OpenID solution is really used by Stack Overflow?

    I’ve also made a simple blog post about it: http://codesprout.blogspot.com/2011/03/using-dotnetopenauth-to-create-simple.html

    public class User
{
    [DisplayName("User ID")]
    public int UserID{ get; set; }

    [Required]
    [DisplayName("Open ID")]
    public string OpenID { get; set; }

    [DisplayName("User Name")]
    public string UserName{ get; set; }
}

    In my example I signed in with the OpenID and I stored it in the cookie, but you can store other information in the cookie, such as the user name:

    public class FormsAuthenticationService : IFormsAuthenticationService
{
    public void SignIn(string userName, bool createPersistentCookie)
    {
        if (String.IsNullOrEmpty(serName)) throw new ArgumentException("The user name cannot be null or empty.", "UserName");

        FormsAuthentication.SetAuthCookie(userName, createPersistentCookie);
    }

    public void SignOut()
    {
        FormsAuthentication.SignOut();
    }
}

    Update 2.0:
    How about something like this (this is the View):

    <%
    if (Request.IsAuthenticated) 
    {
        string name = Request.Cookies[Page.User.Identity.Name] == null ? string.Empty : Request.Cookies[Page.User.Identity.Name].Value;
        if (string.IsNullOrEmpty(name))
        {
            name = Page.User.Identity.Name;
        }
%>

        [<%: Html.ActionLink(name, "Profile", "User")%> |
         <%: Html.ActionLink("Log out", "LogOut", "User") %> |
<%
    }
    else 
    {
%> 
        [ <%: Html.ActionLink("Log in", "LogIn", "User") %> |
<%
    }

%>

    And the Controller, presumably you’re taken to a Profile page after you log in (or you could set the Response.Cookies in the LogIn method) and when you’re loading up the model you set the display name in the cookie:

        [Authorize]
    [HttpGet]
    public ActionResult Profile(User model)
    {
        if (User.Identity.IsAuthenticated)
        {
            userRepository.Refresh();
            model = userRepository.FetchByOpenID(User.Identity.Name);

            // If the user wasn't located in the database
            // then add the user to our database of users
            if (model == null)
            {
                model = RegisterNewUser(User.Identity.Name);
            }

            Response.Cookies[model.OpenID].Value = model.DisplayName;
            Response.Cookies[model.OpenID].Expires = DateTime.Now.AddDays(5);

            return View(model);
        }
        else
        {
            return RedirectToAction("LogIn");
        }
    }

    You can see it all in action on a little project I have: mydevarmy. I’m going to post a user profile soon and you will be able to change the display name (which is automatically generated for now).

    • 0