Geek Answers Handbook

User Authentication in ASP.NET MVC 4 Application

I am porting an old ASP.NET Web Forms application to ASP.NET MVC 4. I am not very familiar with ASP.NET MVC, so I apologize if this is a stupid question. In short, my ASP.NET Web Forms application used the following line of code to redirect the user at login:

FormsAuthentication.RedirectFromLoginPage(username, true);

I suggested that I could just copy and paste this code. However, I noticed that he was trying to redirect the user to "default.aspx". What is the MVC equivalent of this call?

Thanks!

+4
source share
4 answers

You have a complete sample here: http://www.c-sharpcorner.com/UploadFile/cd3310/using-mvc-Asp-Net-tools-create-simple-login-form/

View with a controller with a specific action

  [AcceptVerbs(HttpVerbs.Post)] public ActionResult Login(YourModel model) { if (!ModelState.IsValid) { return View("Login", model); } return RedirectToAction("Index"); }
0
source

Typically, form authentication provides returnUrl as a query string parameter (which I assume is using FormsAuthentication.RedirectFromloginPage(username, true) ). With that in mind, add a parameter to your input action, which gets in returnUrl , then use what's in your input action.

 [HttpPost] public ActionResult Login(LoginViewModel model, String returnUrl) { if (ModelState.IsValid) { // perform login if (YourFormsAuthentication.YourLoginMethod(mode.username, model.password)) { // // Set auth cookie, log user in, etc. // // Now check for returnUrl and make sure it present and // valid (not redirecting off-site) if (!String.IsNullOrEmpty(returnUrl) && Url.IsLocalUrl(returnUrl)) { return Redirect(returnUrl); } // no returnUrl provided, direct them to default landing page return RedirectToRoute("Home"); } else { ModelState.AddError("", "Username or password are incorrect."); } } return View(model); }
+3
source

In your controller login method, add the returnUrl parameter string.

then check if it is empty or null. If not redirect.

 [HttpPost] public ActionResult LogOn(LogOnModel model, string returnUrl) { // Do your login // if success if (!String.IsNullOrEmpty(returnUrl)) { return Redirect(returnUrl); } }

Your view also returns returnUrl (which will be Request.Url)

 <%: Html.ActionLink("Log On", "LogOn", "ControllerName", new { returnUrl = Request.Url }, null)%>
+1
source

In MVC 4, if you create a new application and select the option for an Internet application, the template will connect everything for forms authentication and configure you to use the SimpleMembership provider, which will simplify the configuration of user profiles and add support for the OAuth plugin easily. You should have the following entry in your web.config.

 <authentication mode="Forms"> <forms loginUrl="~/Account/Login" timeout="2880" /> </authentication>

This tells the application to redirect to loginUrl if the user is not authenticated or authorized. Then you simply use AuthorizeAttribute on your controllers or actions. You can add roles to this attribute if you want to use role-based authorization or just use it without roles. Here I added the AuthorizeAttribute attribute for the Contact action for the HomeController.

  [Authorize(Roles="Admin")] public ActionResult Contact() { ViewBag.Message = "Your contact page."; return View(); }

This action is located in the default HomeController, which is created by the MVC 4 Internet template. The user experience will be that if they click on the "Contacts" tab on the main page and they do not log in, they will be redirected to the login page into the system. After a successful login, they will be redirected back to the "Contacts" page. Thus, MVC 4 Internet applications are all connected for you, and you do not need to explicitly handle redirects. For more information on setting up a SimpleMembership provider, you can read this blog .

0
source

More articles:


All Articles