Asp.net mvc codefirst and authentication

I am a new Asp.net Mvc programmer and I am developing a web site with the use of code first entity framework.

I know that there is a built in membership provider inside mvc project and even I can use custom membership provider in order to change it to my taste.

but I am not sure if it is better to forget about membership provider and implement all of them (login,authentication,...)by myself to have better integrity? which is time cons开发者_运维知识库uming.

Could you plz tell me which one is better.

Regards

There is a SQL membership provider (http://msdn.microsoft.com/en-us/library/system.web.security.sqlmembershipprovider.aspx) that comes with the .NET framework that you can use. I would take a closer look at that. If it doesn't fit your needs, then build your own.

I always build my own as I like to have complete control over the data model. Most sites I work on, I only need to implement ValidateUser() in the membership provider, but what all you need to implement purely depends on what you are using the membership provider to do. I use the YAGNI approach when it comes to implementing providers. I only implement methods that I know are going to be called.

If this is for a product you are building, then I would go ahead and implement everything as you never know what other developers might use your product for.

ASP.NET Membership Provider is an excellent authentication framework. You can easily extend the framework by adding the membership provider to your database or building ontop of the existing database.

The ASP.NET Membership Provider has already done the hard work for you when it comes to authentication, state management, encryption, hashing, and roles, to name a few features. Why reinvent the wheel?

You can easily call pre-built ASP.NET membership functions and save yourself loads of work.

Aside from saving yourself time programming a new, possibly bug prone, authentication service, you would also be using a .NET industry standard. That means if you run into problems while using it, there have been many more before you that have already faced the same problems. You also make your authentication manageable, as because it's a standard, others will easility be able to pick it up and run with it.