What is the recommended method for user-specific persistent variable storage in ASP.NET when using a custom membership provider?

I have an ASP.NET application that uses a custom MembershipProvider to allow users to log in and gain access to certain features. The MembershipProvider uses ASP.NET's built-in forms authentication to set cookies and keep track of who the user is.

Now that I've got the user logged in, what's the best way to store user-specific information for their session? In the past I've just used Session variables ie Session["ReputationLevel"] = "4230"; (my application doesn't actually have a reputation level variable, this is just an example). Is this still the best way when using a MembershipProvider? Would it be better to somehow build this information into the provider itself, or into a custom MembershipUser implementation? If I keep everything in the session, I suppose I'd have to abandon the session when the MembershipProvider indicates that the user had logged out开发者_StackOverflow中文版...?

Sorry if this question is vague. I've been doing mostly ColdFusion development for the past few years, and I'm still kinda new to some of these ASP.NET technologies. I thought the MembershipProvider functionality would take care of everything I needed, but I'm now seeing there are still some holes in my implementation (in this case, where to store additional data).

This question appears to be similar, but doesn't appear to be quite what I'm asking.

If you want to persist the information beyond the session, it's probably best to store it by user in your database. There are several ways to do this:

• You can roll your own by manually storing and reading in data from a SQL table as needed -- possibly using the runtime cache to save from hitting the db on every request.
• You can extend MemberShipUser in your custom membership provider and add the properties to it. Here is a walkthrough...
• You can use ASP.NET Profiles, which might be the easiest way to go and it supports storing data for unique unauthenticated users as well. Here's a walkthrough for profiles, although there are several more out there.

I'm not sure how you would do it, but I suppose you could extend the Membership provider to do that. But personally, I've found that ordinary sessions work just fine. Only thing I'd do is to wrap their functionality in a a set of shared functions. So your example would be:

static string GetUserReputation()
{
   return Session["Reputation"].ToString();
}

and just call GetUserReputation