What is a good way to extend .Net Membership to track user logins

Question

As far as I can tell, the basic implementation of .Net membership records lastuserlogin but does not track each login, something I need to do now. I've done some research and I'm pretty sure one approach is to create a custom class that extends the current provider with this functionality, and adding an event table to the schema to record each login.

I've seen a few articles on this - the closest probably being this one from Scott Mitchell http://dotnetslackers.com/articles/aspnet/Tracking-User-Activity.aspx but it's from Nov 2008 and I'm curious if anyone can point me towards a better solution for this or confirm this is still the 'best' way to tackle this. I would imagine it's a fairly common requirement. I'm still ramping up on .Net (using c#) so any and all information will be greatly appreciated.

EDIT

Progress but not fully there yet. I added the following code to create a new record in the login activity table:

        if (Request.IsAuthenticated)
        {
            MembershipUser currentUser = Membership.GetUser(false);
            string App1 = Membership.Provider.ApplicationName;
            string username = currentUser.UserName;
            object guid1 = currentUser.ProviderUserKey;
            aspnet_CustomActivity login = new aspnet_CustomActivity
            {
                UserId = (Guid) guid1,
                ActivityID = 1, //login
                DateTime = dt1,
                ApplicationName = App1                   
            };
            db.aspnet_CustomActivities.InsertOnSubmit(login);
            db.SubmitChanges();
        }

So I have a small issue where I noticed ApplicationName is blank and when I tried to change it in web.config it caused an error getting the currentUser.username but I think I can work that out.

What I need to do now to finish is to tie this to the login page and I think I can do that based on the hints below. I'll post again when complete to round out the answer.

Answer 1

We simply created a class that extends the SqlMembershipProvider, overriding the ValidateUser method to perform whatever extra logic we want. (You just need to change the <membership> section of your web.config file to use this new membership provider).

Edit

There's really not much to it. You create a table in your schema that refers to the Guid-based user ID in the standard membership tables. You create a class to manage interaction with this table. You create your membership provider:

public class MyMembershipProvider : SqlMembershipProvider
{
    public override bool ValidateUser(string username, string password)
    {
        bool validated = base.ValidateUser(username, password);
        if (validated) 
        {
            MembershipUser user = GetUser(username, false); // built in to SqlMembershipProvider
            new LoginTracker().RegisterLogin((Guid)user.ProviderUserKey);
        }
        return validated;
    }
}

Then you register this provider in web.config:

<membership defaultProvider="MyMembershipProvider" userIsOnlineTimeWindow="60">
  <providers>
    <clear/>
    <add name="MyMembershipProvider" ... type="MyAssembly.MyNamespace.MyMembershipProvider, MyAssembly"/>        
  </providers>
</membership>

Simple!

Answer 2

You will need to implement a custom memberhsip provider. Take a look at this: http://msdn.microsoft.com/en-us/library/f1kyba5e.aspx