
How to Customize Simplemembership to store additional info

Sachin R

Please help with my  query
Simple membership provider creates userprofile table only with Userid and Username
How to add additional information to user profile table like Email Id, security question ,Gender,Address,Mobile number,PINCode....
I tried to add like this user profile model in Account model class as below but didnt work/create additional columns in table  
public class UserProfile
public int UserId { get; set; }
public string UserName { get; set; }
//Added by me
public string EmailId { get; set; }
and in Register model
public class Register
[Display(Name = "User name")]
public string UserName { get; set; }
[StringLength(100, ErrorMessage = "The {0} must be at least {2} characters long.", MinimumLength = 6)]
[Display(Name = "Password")]
public string Password { get; set; }
[Display(Name = "Confirm password")]
[Compare("Password", ErrorMessage = "The password and confirmation password do not match.")]
public string ConfirmPassword { get; set; }
public string EmailId { get; set; }
 Please explain below highlighted part of code
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = false, Inherited = true)]
public sealed class InitializeSimpleMembershipAttribute : ActionFilterAttribute 
private static SimpleMembershipInitializer _initializer;
private static object _initializerLock = new object();
private static bool _isInitialized;

public override void OnActionExecuting(ActionExecutingContext filterContext)
// Ensure ASP.NET Simple Membership is initialized only once per app start
LazyInitializer.EnsureInitialized(ref _initializer, ref _isInitialized, ref _initializerLock);
private class SimpleMembershipInitializer
public SimpleMembershipInitializer()
using (var context = new UsersContext())
if (!context.Database.Exists())
// Create the SimpleMembership database without Entity Framework migration schema
Account contrller 
public ActionResult Disassociate(string provider, string providerUserId)
string ownerAccount = OAuthWebSecurity.GetUserName(provider, providerUserId);
ManageMessageId? message = null;
// Only disassociate the account if the currently logged in user is the owner
if (ownerAccount == User.Identity.Name)
// Use a transaction to prevent the user from deleting their last login credential
using (var scope = new TransactionScope(TransactionScopeOption.Required, new TransactionOptions { IsolationLevel = IsolationLevel.Serializable }))
bool hasLocalAccount = OAuthWebSecurity.HasLocalAccount(WebSecurity.GetUserId(User.Identity.Name));
if (hasLocalAccount || OAuthWebSecurity.GetAccountsFromUserName(User.Identity.Name).Count > 1)
OAuthWebSecurity.DeleteAccount(provider, providerUserId);
message = ManageMessageId.RemoveLoginSuccess;
return RedirectToAction("Manage", new { Message = message });
// GET: /Account/Manage
public ActionResult Manage(ManageMessageId? message)
ViewBag.StatusMessage =
message == ManageMessageId.ChangePasswordSuccess ? "Your password has been changed."
: message == ManageMessageId.SetPasswordSuccess ? "Your password has been set."
: message == ManageMessageId.RemoveLoginSuccess ? "The external login was removed."
: "";
ViewBag.HasLocalPassword = OAuthWebSecurity.HasLocalAccount(WebSecurity.GetUserId(User.Identity.Name));
ViewBag.ReturnUrl = Url.Action("Manage");
return View();
// POST: /Account/Manage
public ActionResult Manage(LocalPasswordModel model)
bool hasLocalAccount = OAuthWebSecurity.HasLocalAccount(WebSecurity.GetUserId(User.Identity.Name));
ViewBag.HasLocalPassword = hasLocalAccount;
ViewBag.ReturnUrl = Url.Action("Manage");
if (hasLocalAccount)
if (ModelState.IsValid)
// ChangePassword will throw an exception rather than return false in certain failure scenarios.
bool changePasswordSucceeded;
changePasswordSucceeded = WebSecurity.ChangePassword(User.Identity.Name, model.OldPassword, model.NewPassword);
catch (Exception)
changePasswordSucceeded = false;
if (changePasswordSucceeded)
return RedirectToAction("Manage", new { Message = ManageMessageId.ChangePasswordSuccess });
ModelState.AddModelError("", "The current password is incorrect or the new password is invalid.");
// User does not have a local password so remove any validation errors caused by a missing
// OldPassword field
ModelState state = ModelState["OldPassword"];
if (state != null)
if (ModelState.IsValid)
WebSecurity.CreateAccount(User.Identity.Name, model.NewPassword);
return RedirectToAction("Manage", new { Message = ManageMessageId.SetPasswordSuccess });
catch (Exception)
ModelState.AddModelError("", String.Format("Unable to create local account. An account with the name \"{0}\" may already exist.", User.Identity.Name));
// If we got this far, something failed, redisplay form
return View(model);
// POST: /Account/ExternalLogin
public ActionResult ExternalLogin(string provider, string returnUrl)
return new ExternalLoginResult(provider, Url.Action("ExternalLoginCallback", new { ReturnUrl = returnUrl }));
// GET: /Account/ExternalLoginCallback
public ActionResult ExternalLoginCallback(string returnUrl)
AuthenticationResult result = OAuthWebSecurity.VerifyAuthentication(Url.Action("ExternalLoginCallback", new { ReturnUrl = returnUrl }));
if (!result.IsSuccessful)
return RedirectToAction("ExternalLoginFailure");
if (OAuthWebSecurity.Login(result.Provider, result.ProviderUserId, createPersistentCookie: false))
return RedirectToLocal(returnUrl);
if (User.Identity.IsAuthenticated)
// If the current user is logged in add the new account
OAuthWebSecurity.CreateOrUpdateAccount(result.Provider, result.ProviderUserId, User.Identity.Name);
return RedirectToLocal(returnUrl);
// User is new, ask for their desired membership name
string loginData = OAuthWebSecurity.SerializeProviderUserId(result.Provider, result.ProviderUserId);
ViewBag.ProviderDisplayName = OAuthWebSecurity.GetOAuthClientData(result.Provider).DisplayName;
ViewBag.ReturnUrl = returnUrl;
return View("ExternalLoginConfirmation", new RegisterExternalLoginModel { UserName = result.UserName, ExternalLoginData = loginData });
// POST: /Account/ExternalLoginConfirmation
public ActionResult ExternalLoginConfirmation(RegisterExternalLoginModel model, string returnUrl)
string provider = null;
string providerUserId = null;
if (User.Identity.IsAuthenticated || !OAuthWebSecurity.TryDeserializeProviderUserId(model.ExternalLoginData, out provider, out providerUserId))
return RedirectToAction("Manage");
if (ModelState.IsValid)
// Insert a new user into the database
using (UsersContext db = new UsersContext())
UserProfile user = db.UserProfiles.FirstOrDefault(u => u.UserName.ToLower() == model.UserName.ToLower());
// Check if user already exists
if (user == null)
// Insert name into the profile table
db.UserProfiles.Add(new UserProfile { UserName = model.UserName });
OAuthWebSecurity.CreateOrUpdateAccount(provider, providerUserId, model.UserName);
OAuthWebSecurity.Login(provider, providerUserId, createPersistentCookie: false);
return RedirectToLocal(returnUrl);
ModelState.AddModelError("UserName", "User name already exists. Please enter a different user name.");
ViewBag.ProviderDisplayName = OAuthWebSecurity.GetOAuthClientData(provider).DisplayName;
ViewBag.ReturnUrl = returnUrl;
return View(model);
// GET: /Account/ExternalLoginFailure
public ActionResult ExternalLoginFailure()
return View();
public ActionResult ExternalLoginsList(string returnUrl)
ViewBag.ReturnUrl = returnUrl;
return PartialView("_ExternalLoginsListPartial", OAuthWebSecurity.RegisteredClientData);
public ActionResult RemoveExternalLogins()
ICollection<OAuthAccount> accounts = OAuthWebSecurity.GetAccountsFromUserName(User.Identity.Name);
List<ExternalLogin> externalLogins = new List<ExternalLogin>();
foreach (OAuthAccount account in accounts)
AuthenticationClientData clientData = OAuthWebSecurity.GetOAuthClientData(account.Provider);
externalLogins.Add(new ExternalLogin
Provider = account.Provider,
ProviderDisplayName = clientData.DisplayName,
ProviderUserId = account.ProviderUserId,
ViewBag.ShowRemoveButton = externalLogins.Count > 1 || OAuthWebSecurity.HasLocalAccount(WebSecurity.GetUserId(User.Identity.Name));
return PartialView("_RemoveExternalLoginsPartial", externalLogins);
#region Helpers
private ActionResult RedirectToLocal(string returnUrl)
if (Url.IsLocalUrl(returnUrl))
return Redirect(returnUrl);
return RedirectToAction("Index", "Home");
public enum ManageMessageId
internal class ExternalLoginResult : ActionResult
public ExternalLoginResult(string provider, string returnUrl)
Provider = provider;
ReturnUrl = returnUrl;
public string Provider { get; private set; }
public string ReturnUrl { get; private set; }
public override void ExecuteResult(ControllerContext context)
OAuthWebSecurity.RequestAuthentication(Provider, ReturnUrl);
Answers (2)