In my experience, real-world authentication is still not very easy if you want to support 3rd party logins (like Google and Facebook) alongside traditional forms authentication and you want them to work together.
So what do I mean by working together and real world?
- In the real world you will want to collect some extra information about users when they register or log in via a 3rd party for the first time. For example, in my case I make a beauty site, so I collect the user's skin type and biggest skin concern.
- It is nice if the different login options can work together: users can connect their accounts to the one profile they have on your site, and after connecting the accounts they can log in with whatever method they want. This is especially needed if you add 3rd party login support after the site has launched and you already have users registered in the traditional way.
So how do you implement something like this with ASP.NET MVC?
- You need the right database structure for this. To support forms authentication I just use what comes out of the box: the ASP.NET membership system with the SQL membership provider. To collect extra information about the users I have created my own user table that contains skin type, skin concern, nick name and so on. To let one profile have many logins I have created a connection table with two columns: nick name, which points to my own user table, and username, which points to the user in the membership system.
- In the case of a 3rd party login I also create a membership entry for that login. For the username I use the unique identifier of the user that I get back from Google or Facebook. This way I know whether the user is logging in for the first time: if the unique identifier already has a membership entry, it is not the first time; otherwise it is.
- If it is a first-time login I tell the user to create a profile on my page, or ask if she already has a profile. If the user creates a profile I make an entry in UserProfile and also in the UserNickConnection table. If the user already has a profile, I ask her to authenticate as before, and then I just have to make a new entry in the UserNickConnection table. After the accounts are connected the user can log in with whatever method she wants.
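The three steps above, sketched as an added example (not code from the original post). The class, its method names and the in-memory sets standing in for the membership, UserProfile and UserNickConnection tables are assumptions, as is the provider prefix on the constructed identifier; the point it shows is that a new login is connected only to the profile the user has just authenticated as.

```csharp
using System;
using System.Collections.Generic;

// In-memory stand-ins (hypothetical names) for the three stores described above.
class AccountLinker
{
    readonly HashSet<string> membership = new HashSet<string>();   // membership usernames
    readonly HashSet<string> profiles = new HashSet<string>();     // UserProfile nick names
    readonly Dictionary<string, string> connection =               // UserNickConnection:
        new Dictionary<string, string>();                          // username -> nick name

    // First-time check: does the login already have a membership entry?
    public bool IsFirstLogin(string username) { return !membership.Contains(username); }

    // Profile a known login is connected to, or null if it is not connected.
    public string NickFor(string username)
    {
        string nick;
        return connection.TryGetValue(username, out nick) ? nick : null;
    }

    // User has no profile yet: create UserProfile and UserNickConnection entries.
    public void CreateProfile(string username, string nick)
    {
        if (connection.ContainsKey(username)) throw new InvalidOperationException("login already connected");
        if (!profiles.Add(nick)) throw new InvalidOperationException("nick name taken");
        membership.Add(username);
        connection[username] = nick;
    }

    // User already has a profile: authenticatedNick must come from the session
    // established by authenticating "as before", never from a form field.
    public void LinkToExisting(string username, string authenticatedNick)
    {
        if (authenticatedNick == null || !profiles.Contains(authenticatedNick))
            throw new UnauthorizedAccessException("authenticate with the existing login first");
        if (connection.ContainsKey(username)) throw new InvalidOperationException("login already connected");
        membership.Add(username);
        connection[username] = authenticatedNick;
    }
}

static class Demo
{
    static void Main()
    {
        var linker = new AccountLinker();
        linker.CreateProfile("anna", "Anna");            // forms registration (constructed data)
        string googleId = "google:1234567890";           // constructed identifier, prefix assumed
        Console.WriteLine(linker.IsFirstLogin(googleId)); // first visit with this login
        linker.LinkToExisting(googleId, "Anna");         // after re-authenticating as Anna
        Console.WriteLine(linker.NickFor(googleId));     // both logins now reach one profile
    }
}
```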
OK, so this was the high-level overview. To get started more concretely, the following things are needed: