Using SitecoreUser.Profile with Forms Authentication - sitecore

We use sitecore to manage our registered users (extranet domain) and when creating new virtual users we give it an email using the Profile.Email property and then call the Profile.Save() method.
Another property somewhere else reads the userProfile.Email, everything is fine at the beginning.
Plus we use Forms authentication with the remember me feature.
The problem is when we close the browser and reopen it Sitecore.Context.User contains info about the actual user who clicked remember me but the User.Profile always has the Email null.
I tried Reload() and initialize() they don't work. I also tried getting the user again via the username (User.FromName()) but the returned user object also doesn't have the Profile Email.
What is being done wrong?

There is one very important remark in Security API Cookbook. It is related to Sitecore 6 but as far as I know it should work with Sitecore 8 as there was no important changes in Security model. It worked for Sitecore 7.
Important You must log in a virtual user only after you assign Roles and Profile properties to them. The Roles and Profile properties that are assigned after logging in are lost upon subsequent request.
Sitecore.Security.Accounts.User user =
Sitecore.Security.Authentication.AuthenticationManager.BuildVirtualUser(#"domain\user"
, true);
if (user != null)
{
string domainRole = #"domain\role";
if (Sitecore.Security.Accounts.Role.Exists(domainRole))
{
user.Roles.Add(Role.FromName(domainRole));
}
user.Profile.Email = "user#domain.com";
user.Profile[“Custom Property”] = “Custom Value”;
user.Profile.Save();
Sitecore.Security.Authentication.AuthenticationManager.LoginVirtualUser(user);
}

Related

Store UserTokens generated by ASP.Net Core identity for external login provider

I am using Facebook as external login of ASP.Net Core identity.
I would like, even if the user logged in with Facebook, the user to fill his profile on the website.
For that I use the ExternalLoginCallback method, from which I would like to get data from Facebook such as date of birth, location (country), ...
One issue is if the user unchecked some of the permissions, the default call to Facebook fails:
var info = await _signInManager.GetExternalLoginInfoAsync();
if (info == null)
return RedirectToAction(nameof(Login));
// Sign in the user with this external login provider if the user already has a login.
var result = await _signInManager.ExternalLoginSignInAsync(info.LoginProvider, info.ProviderKey, isPersistent: false);
I would also need to do some additional checks on user data, which would require calling directly the Graph API.
My blocking points:
- In the ExternalLoginCallback method, I would need to separate the 'country' and 'birthday' to avoid the Facebook API to return an error in case of the user didn't grant the permission
- For that I would need the the user access_token (and for additional calls in the method), I don't see how to get it even if it is used by the Facebook Identity framework
- Once the profile created, I would like to get access to this access_token, which should be stored in the UserTokens table (I guess?), but I can't find it there, the table is empty. (my DbContext is a class extending IdentityDbContext<AppUser, AppRole, long>, don't know if it has an impact)
I have found this answer https://stackoverflow.com/a/42670559/4881677 which may help, but not sufficient.
Any help? :)
In order to store the user Facebook token, it requires to specify it in the options (not stored by default).
var fo = new FacebookOptions();
fo.SaveTokens = true;
From there we can call the graph method permissions to get the available permissions: https://graph.facebook.com/me/permissions?access_token={token}
Then it can be read with something like this:
foreach (var perm in data)
{
perms.Add((string)perm["permission"], (string)perm["status"]);
}

Sitecore Virtual User Login Experience Profile

I need to validate user credentials from external service, therefore I'm using the VirtualUser authentication.
BuildVirtualUser, checking for the roles to set to him, saving the user Profile and then login with that name.
I'm facing a problem, that everyday that i login, with the same credentials Sitecore creates a new user in Experience Profile.
What i need to change in my code to assure that, with virtual user login, Sitecore gets the old experience profile of the user?
I was thinking in creating the user in sitecore with same generic password. Instead of using the virtual user, and authenticate directly with sitecore. Is that correct?
Here's my code:
Sitecore.Security.Accounts.User user = Sitecore.Security.Authentication.AuthenticationManager.BuildVirtualUser(sitecoreUser, true);
string roleName = #"newRole\User";
Sitecore.Security.Accounts.Role demoRole = Sitecore.Security.Accounts.Role.FromName(roleName);
if (Sitecore.Security.Accounts.Role.Exists(roleName) && !demoRole.IsMember(user, true, false))
{
user.Roles.Add(Sitecore.Security.Accounts.Role.FromName(roleName));
}
user.Profile.Name = name;
user.Profile.Email = email;
user.Profile.FullName = fullname;
user.Profile.Save();
Sitecore.Security.Authentication.AuthenticationManager.Login(user.Name);
Tracker.Initialize();
Code looks fine, but you miss one important thing: to identify your user/contact.
You need to add next line of code:
Tracker.Current.Session.Identify(email);
Please check next link to find more information about how to identify contacts:
https://doc.sitecore.net/sitecore_experience_platform/setting_up__maintaining/xdb/contacts/identifying_contacts

Odoo website, Creating a signup page for external users

How can I create a signup page in odoo website. The auth_signup module seems to do the job (according to their description). I don't know how to utilize it.
In the signup page there shouldn't be database selector
Where should I store the user data(including password); res.users or res.partner
you can turn off db listing w/ some params in in odoo.cfg conf
db_name = mydb
list_db = False
dbfilter = mydb
auth_signup takes care of the registration, you don't need to do anything. A res.user will be created as well as a partner related to it.
The pwd is stored in the user.
User Signup is a standard feature provided by Odoo, and it seems that you already found it.
The database selector shows because you have several PostgresSSQL databases.
The easiest way is to set a filter that limits it to the one you want:
start the server with the option --dbfilter=^MYDB$, where MYDBis the database name.
User data is stored both in res.userand res.partner: the user specific data, such as login and password, are stored in res.user. Other data, such as the Name is stored in a related res.partner record.

Why Sitecore create virtual users with all extranet roles?

I am not sure about BuildVirtualUser method behavior in Sitecore 6.6 update 3
I have the following code:
bool isAuthenticated = true;
string userName = string.Format("{0}\\{1}", "extranet", user.Login);
SC.Security.Accounts.User virtualUser = SC.Security.Authentication.AuthenticationManager.BuildVirtualUser(userName, isAuthenticated);
but after BuildVirtualUser method call virtualUser variable contain all extranet roles.
I expect that just my following code should attach role to user.
foreach(var role in user.Permissions)
{
string domainRole = string.Format("{0}\\{1}", "extranet", "USER_EDIT");
if (SC.Security.Accounts.Role.Exists(domainRole))
{
virtualUser.RuntimeSettings.AddedRoles.Add(domainRole);
}
}
Why does it happening? What do I need to do to fix it?
Update 1
I have discovered that first time BuildVirtualUser creates user with 0 roles,
roles can be succesfully added, but after logout and login procedure with the same user name, roles that were added during first time automaticaly attaching to new user. In my opinion this bahavior is not good, in case someone can edit user roles in external system.
Try this:
user.Roles.Add(Sitecore.Security.Accounts.Role.FromName(domainRole));
from:
http://sdn.sitecore.net/upload/sitecore6/sc61keywords/security_api_cookbook_usletter.pdf
I am not sure what your for each loop is, but it's kind of redundant your not doing anything with each 'role'.
SC.Security.Accounts.User virtualUser = SC.Security.Authentication.AuthenticationManager.BuildVirtualUser(userName, true);
virtualUser.RuntimeSettings.AddedRoles.Clear();
virtualUser.Roles.RemoveAll();
this code is help to update user roles dynamicly.
But I still not undetstend why sitecore cache roles for virtual users.

Call Profile Provider By Name in Profile config

I have a legacy system (sitecore 6.1) which is already have one profile provider in plave as default profile for admin section.
Now, i need to impelement another customised SQL profile provider (in a different table) for normal user.
But my question is How dose system know which profile provider to use in code?
Is there any thing I can do similar as :
System.Web.Security.Membership.Providers[providerString];
So that I can call customised profile provider in my code accordingly.
Or what would be the best practice in this case.
I've wasted like 1 hour try to go through sitecore docs, but not much available there.
Here's some code that I recently did to set up some custom profile stuff for a client using the Email Campaign Manager. Granted this code uses some classes specific to ECM, it creates a new user, initializes a profile class and then assigns that profile to the new user. Then it sets some custom properties for the user that was just created. It shows you how to call the profile based on the user as well as assigning a profile to use for that user. This might help or maybe help someone else.
public static void Process(List<Subscriber> userItems, Item targetAudienceDefinitionItem)
{
foreach (Subscriber user in userItems)
{
// you can also just pass it the id of the target audience as a string
Sitecore.Modules.EmailCampaign.TargetAudienceBase target = Sitecore.Modules.EmailCampaign.TargetAudience.FromItem(targetAudienceDefinitionItem);
string campaignname = target.ManagerRoot.Settings.CommonDomain;
string realUsername = campaignname + "\\" + user.UserName;
using (new SecurityDisabler())
{
User newUser;
if (!Sitecore.Security.Accounts.User.Exists(realUsername))
{
// create a new user and assign it to the email domain specified in the manager root item
newUser = Sitecore.Security.Accounts.User.Create(campaignname + "\\" + user.UserName, System.Web.Security.Membership.GeneratePassword(8,1));
}
else
// get back the existing user
newUser = User.FromName(realUsername, false);
// get back the current user profile
UserProfile subscriber = newUser.Profile;
// reset the profile to be the profile specified in the manager root
subscriber.ProfileItemId = target.ManagerRoot.Settings.SubscriberProfile;
subscriber.Save();
// built in properties are set like this
subscriber.Email = user.Email;
// set custom property value
subscriber["Address"] = user.Address;
// or long method
subscriber.SetCustomProperty("Address", user.Address);
subscriber.Save();
// now subscribe the user to the target audience subscriber list
target.Subscribe(Contact.FromName(newUser.Name));
}
}
}