-
Notifications
You must be signed in to change notification settings - Fork 238
General Design
The general design of MembershipReboot uses three main classes:
- UserAccount
- IUserAccountRepository
- UserAccountService
The UserAccount models the data needed to represent a user account and the associated identity information (username, password, claims, etc.). The IUserAccountRepository is an interface to abstract storage of UserAccount objects. The UserAccountService provides APIs to perform operations on UserAccounts. The UserAccountService depends on the IUserAccountRepository to perform the queries and persistence of UserAccount data. An application would then use the UserAccountService API to provide it with all the features MembershipReboot implements.
It is up to the application developer to decide what implementation to use for the IUserAccountRepository. It is also then up to the application developer to decide how to instantiate the UserAccountService for use in the application (dependency injection is a common approach).
There are other classes that assist in configuring MembershipReboot. These are:
- SecuritySettings
- ApplicationInformation
- MembershipRebootConfiguration
The SecuritySettings class contains settings to configure MembershipReboot for certain security settings (such as account lockout duration and if the email address should be used as the username).
ApplicationInformation is simply a class that lets MembershipReboot know the name of the application and what URLs the application provides for various account related functions. This information is mainly used when sending emails to the user.
MembershipRebootConfiguration is the main configuration class used by the UserAccountService. It contains the SecuritySettings and provides extensibility points for adding any custom logic related to validation or event notifications when account related data changes.
Finally, there's one last helper class worth mentioning:
- AuthenticationService
The AuthenticationService class is a helper that bridges the gap between MembershipReboot and the running web application. It will perform the work of issuing cookies to track the logged in user. It also provides the assistance for performing two-factor authentication and supporting external login providers.