Should I use the built-in membership provider for an ASP .NET MVC application?

Question

I\'ve been using a custom membership provider for authentication in all my web form applications till now. I\'m about to start developing my first website using MVC. I\'m

Answer 1

Here is an option and one that I use successfully.

You essentially have a single user which can be authenticated multiple ways.

Using the built in provider, which you could of course switch out at any time, does not preclude you from authenticating that user multiple ways.

When a user authenticates with OpenID, Facebook, etc. match that login against a table that matches the specific login method and identity to the Forms identity and just set the set the user as logged in with their canonical Membership user name.

If a new user authenticates to your site and doesn't have an account just create one in the membership provider automatically. Set the password to some random garbage because they'll never use it. Let them continue to associate multiple login types with it as well.

If a user wants to then also have a direct login just use the standard Membership provider password reset mechanisms and provide them with one.

Long story short: use the built in mechanism for now. It doesn't stop you from doing what you want to do.