Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Custom Authentication and ASP.NET MVC

Tags:

c#

asp.net

asp.net-mvc

asp.net-mvc-4

I have an internal web app being built in ASP.NET 4. We are stuck with using an authentication API built by another team. If a user to the site is authenticated successfully for the site I would like to give them access to the entire site.

In ASP.NET WebForm days I just used to keep a custom User object in session. If that object was null I knew the user wasn't authenticated. Is there a similar but improved method for this in MVC. I don't want to have to build my own provider of the ASP.NET Membership model if possible. What is the simplest way of doing this?

like image 432
BuddyJoe Avatar asked Sep 03 '13 14:09

BuddyJoe

People also ask

What is authentication in ASP.NET MVC?

ASP.NET MVC Authentication is a feature in MVC that helps in making the website highly secure and safe. Authentication is the process of confirming or validating the user's identity if the user who is trying to access the web page or web application is a genuine user or not.

How many types of authentication are there in ASP.NET MVC?

The Authentication is performed by IIS in one of three ways such as basic, digest, or Integrated Windows Authentication. When IIS authentication is completed, then ASP.NET uses the authenticated identity to authorize access.

What is custom authentication?

In custom authentication, you use an authentication server to produce custom signed tokens when a user successfully signs in. Your app receives this token and uses it to authenticate with Identity Platform.

1 Answers

You can use Forms Authentication in conjuction with Authorize attibute as follows,

To restrict access to a view :

Add the AuthorizeAttribute attribute to the action method declaration, as shown below,

[Authorize] public ActionResult Index() {     return View(); }

Configuring Forms Authentication in web.config

<authentication mode="Forms">      <forms loginUrl="~/Account/Login" timeout="2880" /> </authentication>

Login Post Action: Set Authentication cookie if user is valid 

[HttpPost] public ActionResult Login(User model, string returnUrl) {         //Validation code          if (userValid)         {              FormsAuthentication.SetAuthCookie(username, false);         } }

Log off Action:

public ActionResult LogOff() {     FormsAuthentication.SignOut();     return RedirectToAction("Index", "Home"); }
like image 77
Jatin patil Avatar answered Oct 05 '22 21:10

Jatin patil
Sign in to Comment

Related questions

Is it possible to use DataAnnotations with Interfaces?
.Net Coding Standards Using a prefix "Is" or "Has" on Method Names
How to create an instance of HttpPostedFileBase(or its inherited type)
returning a generic IEnumerable<T>
Task.WaitAll hanging with multiple awaitable tasks in ASP.NET
Stubbing Task returning method in async unit test
Why it is not allowed to create datetime constant in .net?
System.IO.FileStream FileAccess vs FileShare
String formatting with braces
Generate access token with IdentityServer4 without password
Copy files to clipboard in C#
Shortest way to write a thread-safe access method to a windows forms control
How to determine if a previous instance of my application is running?
linq select items from child collection
How to make List's Add method protected, while exposing List with get property?
Connection Strings for Entity Framework
Memory barrier generators
Can a C# program be cross-platform?
What is the difference between inherits and implements in C#
How to have enum values with spaces? [duplicate]

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!