ASP.NET Multiple login 'levels' - OAuth & Forms

I am about to join what must be tens of thousands of other developers by adding an OAuth login (Facebook login) to an existing ASP.NET site that currently uses Forms authentication.

Unfortunately we cannot give full access to the site to users who have used OAuth to authenticate.

I wish to have two levels of access available to users, depending on how they have authenticated themselves. If they have logged in via OAuth then they will have limited access, if they have authenticated via Forms then they will have full access.

Is there any built in system in ASP.NET Membership that allows for multiple levels of authentication?

If not, can anyone provide any tips, or links to tips, about how to implement this?

I think that at a most basic level all that is needed is a globally accessible bool 开发者_C百科that is set on a per-login basis denoting whether the user logged in with OAuth or not. If I were able to set the User.Identity.AuthenticationType when performing a login it would probably do the trick. I of course would like to avoid the pain of crating a whole new custom membership provider.

Can't this be done using roles? You could assign one role called "Native" for example, for users logged in from your application loggin form, and a role called "Outsiders" from people logged on from other systems. Your pages then would make parts visible/invisible deppending on the role of the user logged in.