This article is continuation of one here we will see labs to create a Login screen where a user can enter the ID and Password.
Contents
Introduction
Step 41:- Creating the Login class
Step 42: - Creating login screen
Step 43:- Creating the authentication controller
Step 44: - Decorating with Authorize attribute
Step 45:- Updating the web.config file
Step 46:- Executing and checking
Rest of the Learn MVC series
In the previous article i.e Lab 3 we looked in to validations. In this article we will try to understand how to do Authentication in ASP.NET MVC.
So in this lab will create a Login screen where a user can enter the ID and Password, if he is a proper user than he can access the site or else he is redirected back to the login page.
In case you are completely new to ASP.NET MVC we would suggest you to see the below youtube video which kick starts MVC learning in just 16 hours.
The first step is to create a login model / class in which we will have two properties “UserName” and “Password” as shown in the below code.
namespace MyApp.Models
{
public class Login
{
[Required(ErrorMessage="Enter User Name")] // Using Data Annotations
public string UserName { get; set; }
[Required(ErrorMessage = "Enter Password")] // Using Data Annotations
public string Password { get; set; }
}
}
The next step is to create a login screen with two textboxes one for username and password. In the form action we have specified the action “DoLogin” which will do the validation and this action will be in the controller “Authentication”.
<form name="loginfrm" method="post" action="/Authentication/DoLogin">
<label>User Name</label>
<input type="text" name="UserName" value=""> @Html.ValidationMessage("UserName") <br /><br />
<label>Password</label>
<input type="password" name="Password" value=""> @Html.ValidationMessage("Password") <br /><br />
<input type="submit" value="LogIn" />
</form>
In the previous step in the action we have specified the action and controller. So the next logical step is to create an authentication controller where we will create a login, logout and dologin methods as shown in below code.
- Login :- Invokes the Login UI which we have created in the previous step.
- DoLogin :- Will validate if the username is valid or not. For now we have hardcoded the username and password. You can use ADO.NET to check in SQL Server if the user is valid or not.
- Logout :- Helps to logout the user from the application.
namespace MyApp.Controllers
{
public class AuthenticationController : Controller
{
//
// GET: /Authentication/
public ActionResult Login()
{
return View(); // Returning Login Page
}
public ActionResult DoLogin(Login l) // Passing credentials from Login Page
{
if(l.UserName == "ADMIN" && l.Password=="ADMIN")
{
FormsAuthentication.SetAuthCookie(l.UserName,true); //Setting the Cookie
return RedirectToAction("Index", "University"); // Returning Index of University Controller
}
else
{
return View("Login"); //Hitting to Login Page
}
}
public ActionResult LogOut()
{
FormsAuthentication.SignOut(); //LogOut function
return RedirectToAction("Login"); //Hitting to Login Page
}
}
}
The next thing we need to do is decorate the “main” method with authorize attribute. This “Main” method invokes the main landing page of the site. The other methods “Login”, “Logout” and “DoLogin” should not be decorated with authorize attribute as they need to be accessed with out authentication.
public class AuthenticationController : Controller
{
[Authorize]
public ActionResult Main()
{
return View(); // Returning Login Page
}
}
Now the final step, in the web.config file we need to we specify authentication mode as forms.
<authentication mode="Forms">
<forms loginurl="~/Authentication/Login"></forms>
</authentication>
Now that we are done with all things you can now try accessing there “Main” action and you would be redirected to the “DoLogin” method which will load the Login view.
Hope you have enjoyed this 4 part series and below is the complete list of past 3 article series.
Part 1 :- http://www.dotnetfunda.com/articles/show/3201/creating-a-simple-aspnet-mvc-project-part-1-in-23-steps
Part 2 :- http://www.dotnetfunda.com/articles/show/3204/creating-a-simple-aspnet-mvc-project-part-2-edit-and-delete
Part 3 :- http://www.dotnetfunda.com/articles/show/3218/create-a-simple-aspnet-mvc-project-part-3-validations