Authenticating model - best practices
- by zerkms
I come into ASP.NET from php so the reason why i ask my question is because it's totally different nature of how application works and handles requests.
well, i have an exists table with user creditians, such as:
id, login, password (sha hashed), email, phone, room
i have built custom membership provider so it can handle my own database authentication schema.
and now i'm confused, because User.Identity.Name contains only user's login, but not the complete object (i'm using linq2sql to communicate with database and i need in it's User object to work).
at php applications i just store user object at some static method at Auth class (or some another), but here at ASP.NET MVC i cannot do this, because static member is shared across all requests and permanent, and not lives within only current request (as it was at php).
so my question is: how and where should i retrieve and store linq2sql user object to work with it within current and only current request? (after request processed successfully i expect it will be disposed from memory and on next request will be created again).
or i'm following totally wrong way?