ASP.NET MVC Authentication (Continuation)

Panthmadan
Posted by in ASP.NET MVC category on for Beginner level | Points: 250 | Views : 3039 red flag

This article is continuation of one here we will see labs to create a Login screen where a user can enter the ID and Password.
Recommendation
Read Create a simple ASP.NET MVC Project (Part 3) Validations before this article.

Contents

Introduction

Step 41:- Creating the Login class

Step 42: - Creating login screen

Step 43:- Creating the authentication controller

Step 44: - Decorating with Authorize attribute

Step 45:- Updating the web.config file

Step 46:- Executing and checking

Rest of the Learn MVC series

Introduction:

In the previous article i.e Lab 3 we looked in to validations. In this article we will try to understand how to do Authentication in ASP.NET MVC.

So in this lab will create a Login screen where a user can enter the ID and Password, if he is a proper user than he can access the site or else he is redirected back to the login page.

In case you are completely new to ASP.NET MVC we would suggest you to see the below youtube video which kick starts MVC learning in just 16 hours.

Step 41:- Creating the Login class

The first step is to create a login model / class in which we will have two properties “UserName” and “Password” as shown in the below code.

namespace MyApp.Models
{
    public class Login
    {
        [Required(ErrorMessage="Enter User Name")] // Using Data Annotations
        public string UserName { get; set; }
        [Required(ErrorMessage = "Enter Password")] // Using Data Annotations
        public string Password { get; set; }


    }
}

Step 42: - Creating login screen

The next step is to create a login screen with two textboxes one for username and password. In the form action we have specified the action “DoLogin” which will do the validation and this action will be in the controller “Authentication”.

<form name="loginfrm" method="post" action="/Authentication/DoLogin">
<label>User Name</label>
<input type="text" name="UserName" value=""> @Html.ValidationMessage("UserName") <br /><br />
<label>Password</label>
<input type="password" name="Password" value=""> @Html.ValidationMessage("Password") <br /><br />
<input type="submit" value="LogIn" />
</form>

Step 43:- Creating the authentication controller

In the previous step in the action we have specified the action and controller. So the next logical step is to create an authentication controller where we will create a login, logout and dologin methods as shown in below code.

  • Login :- Invokes the Login UI which we have created in the previous step.
  • DoLogin :- Will validate if the username is valid or not. For now we have hardcoded the username and password. You can use ADO.NET to check in SQL Server if the user is valid or not.
  • Logout :- Helps to logout the user from the application.

namespace MyApp.Controllers
{
    public class AuthenticationController : Controller
    {
        //
        // GET: /Authentication/
        public ActionResult Login()
        {
            return View(); // Returning Login Page
        }


        public ActionResult DoLogin(Login l) // Passing credentials from Login Page
        {
            if(l.UserName == "ADMIN" && l.Password=="ADMIN")
            {
                FormsAuthentication.SetAuthCookie(l.UserName,true); //Setting the Cookie
                return RedirectToAction("Index", "University"); // Returning Index of University Controller
            }
            else
            {
                return View("Login"); //Hitting to Login Page
            }

        }
	
       public ActionResult LogOut()
       {
           FormsAuthentication.SignOut(); //LogOut function
           return RedirectToAction("Login"); //Hitting to Login Page
       }
	}
}

Step 44: - Decorating with Authorize attribute

The next thing we need to do is decorate the “main” method with authorize attribute. This “Main” method invokes the main landing page of the site. The other methods “Login”, “Logout” and “DoLogin” should not be decorated with authorize attribute as they need to be accessed with out authentication.

public class AuthenticationController : Controller
    {
       [Authorize]
        public ActionResult Main()
        {
            return View(); // Returning Login Page
        }
}

Step 45:- Updating the web.config file

Now the final step, in the web.config file we need to we specify authentication mode as forms.

<authentication mode="Forms">
<forms loginurl="~/Authentication/Login"></forms>
</authentication>

Step 46:- Executing and checking

Now that we are done with all things you can now try accessing there “Main” action and you would be redirected to the “DoLogin” method which will load the Login view.

Rest of the Learn MVC series

Hope you have enjoyed this 4 part series and below is the complete list of past 3 article series.

Part 1 :- http://www.dotnetfunda.com/articles/show/3201/creating-a-simple-aspnet-mvc-project-part-1-in-23-steps

Part 2 :- http://www.dotnetfunda.com/articles/show/3204/creating-a-simple-aspnet-mvc-project-part-2-edit-and-delete

Part 3 :- http://www.dotnetfunda.com/articles/show/3218/create-a-simple-aspnet-mvc-project-part-3-validations

Page copy protected against web site content infringement by Copyscape

About the Author

Panthmadan
Full Name: Madan Panth
Member Level: Starter
Member Status: Member,MVP
Member Since: 12/15/2015 4:34:44 AM
Country: India

www.questpond.com
Learn MVC in 16 hours
Learn design pattern in 8 hours
Learn C# in 100 hours series
Learn MSBI in 32 hours
Learn SharePoint Step by Step in 8 hours

Login to vote for this post.

Comments or Responses

Login to post response

Comment using Facebook(Author doesn't get notification)