Reputation: 11
Ensure unique Username / Emails
I am currently using Asp MVC / Identity 2.0 to build a membership site. I have made some changes that now allow a user todo the following :
- Create separate username / email values on account creation
- Login using either username or email through a single text field
What I am concerned about is should user Alice register an account as follows :
Username - Alice
Email - [email protected]
User Bob could create an account as follows :
Username - [email protected]
Email - [email protected]
I'd like to ensure, that should a user create an account, their username is unique in both the UserName and EmailAddress columns.
I have currently achieved within my RegisterViewModel as follows
[RegularExpression(@"^([a-zA-Z0-9 \.\&\'\-]+)$", ErrorMessage = "{0} must be alpha numeric")]
[Display(Name = "Username")]
public string UserName { get; set; }
As such it is not possible to enter an email into the username field - is this the best way to do this though?
I'm concerned that later down the line, I may want to allow some special characters in the username field.
Forgive me if this is a n00b question, I'm still very much new to this.
Upvotes: 0
Views: 3773
Answers (1)
Reputation: 218702
You cannot ensure uniqueness of your records using the Data annotations you have in your view model properties. Those are for helping validations & display purposes primarily.
What you should be doing is checking the userName value againist both UserName and Email field of your User table and allow/deny user to continue his action.
To check the userName against both email and userName fields , you might try something like this.
var userNameToCheck="[email protected]";
var exists=db.Users.Any(x=>x.UserName==userNameToCheck||x.Email==userNameToCheck);
if(!exists)
{
// New record. Let's continue saving it.
}
But a better solution is to use email as your username for the app(Only one column in db table) and keep a unique constraint on that column(Email) to prevent accidental duplicate entry even if your code failed to stop the duplicate entry insertion.
You should always have validation in your code and db (constraints) to be on the safer side.
Upvotes: 2
Related Questions
- Asp.net Identity 2.0 - Unique Email
- Register with unique email OR unique username in ASP.NET Core MVC
- how to set username not unique in aspnet identity
- Username and Email validation
- AspNet Identity 2.0 Email and UserName duplication
- ASP.NET Identity 2 Separation of Email and UserName and using Email to login
- ASP NET Identity 2.0- Separate username and email
- ASP.NET Identity - Validation for unique user email address on IdentityUser
- unique user login
- User Identity in asp.net mvc