Monday, November 9, 2015

Login, logout and registering accounts in Sitecore

The security model in Sitecore is abstracted from the default .NET providers of membership, profiles and roles. This means that it's actually possible to achieve the same functionality (login for example) using the default .NET methods rather than one from the Sitecore API.

A user in Sitecore will always follow the domain\username format, and all references to a username, need to include the relevant domain. That user will come out of the box with a default profile which includes such information as full name or email address, however it is possible to extent the profile with custom properties (using Sitecore's template system).

User registration

To register a user in Sitecore we simply need a name, email, password and username. In the code sample below, the extranet domain is used and the username is the email address (as this is a unique field for public users in this case). 

This is only a basic implementation, you will also need to include handling of users who attempt to register an email address which is already registered, or perhaps don't meet any password requirements.

User login

Logging in with Sitecore is as simple as collecting a username and password and calling a function.

You can also detect if a user is logged in by using the following code:
if (Sitecore.Context.User.IsAuthenticated) 
But note that this will detect users logged into the Sitecore CMS along with any users whom use your custom forms.

User logout

Logging out is simply calling the following line of code:
FormsAuthentication.SignOut();

Custom properties on a user

It is also possible to have custom properties on a user profile which you can then set the values of in code. For more information see Sitecore custom properties on a user profile.

No comments:

Post a Comment