I am building an asp.net mvc web api application and not sure how to do the membership stuff.
In my current project I have this
Users Table and
Role Table I am not using asp.net membership as it brings too much baggage and does not fit how I want to design my database(sure I can to it but it just seems like to much work)
user can have many roles and a
role can have many users.
I am using EF to do almost all my calls to the database.
In past projects I made my own
Authorize Attribute what did my own call to my database and checked to see if the user was in the correct role as what was allowed on that controller/action method.
By not doing any membership providers I lost out on some of the built in functions such as
User.IsInRole. I was still able to use
User.Identity.Name but I think that was because of the cookie that I set.
What is the best practice way to do it now in asp.net mvc 4/web api?
While googling I found "SimpleMembership" but have not read much into it yet.
On a side note can I use
User.Identity.Name with my webapi if I authenticated a user?