Simple Form Based Authentication in ASP.NET MVC Application

Hi Friend,Today we will learn "How to implement form based authentication concepts in ASP.NET MVC Application". This concepts is basically used for authenticating the user credentials using Forms.In Previous post , i have  already implemented two authentication concepts in application .which are as given below:-
  1. How to implement form based authentication in application
  2. How to implement windows based authentication in application
MVC form based authentication almost same as form based authentication.But there are little differences which i will explain it in this post.
There are some steps to implement this concepts in mvc application as given below:- 

Step 1 :- First open your visual studio --> File -->Project --> Select ASP.NET MVC 3 OR MVC 4 Application --> write your project name --> press OK as shown below:-
Step 2 :- Now select Empty template -->Choose ASPX view engine as shown in below image.
Step 3 :- Now open Solution Explorer Window (if not open)Right click on controller --> Add Controller (Authentication_controller) -->Add as shown below:-
Step 4 :- Now Right click on ActionResult  login_form method in coding part --> Add a View (login_form.aspx) --> Choose view engine ASPX as shown below:-
Note:- This web form will be displayed on client browser ,when any client call the ActionResult Method. For more details follow below link.
How to pass data from controller to view in mvc application.
Step 5 :-  
  • Now open login_form.asp page (view engine) --> Design text boxes and button controls using coding (you can add Html controls from toolbox) as given below:-
<%@ Page Language="C#" Inherits="System.Web.Mvc.ViewPage<dynamic>" %>

<!DOCTYPE html>

<head runat="server">
    <meta name="viewport" content="width=device-width" />
      <form action="Authenticate_User" method ="post">
          <span class="auto-style1"><strong>&nbsp;Simple Form Based Authentication in ASP.NET MVC Application</strong></span><br />
          <br />
          Enter User Name <input id="txt_id" name ="txt_id" type="text" /> <br />
          Enter Password <input id="txt_Pass" name="txt_pass" type="password" /><br />
          <input id="Submit1" type="submit" value="Login" />
  • Now go Design mode --> You will see following  login layout as shown below:-
1.) <form action="Authenticate_User" method ="post"> ,this Action (Authenticate_User) will be invoked when any user fill the login credentials and press login button. 
2.) This action = Authenticate_User  will call the controller class  ActionResult   method =  Authenticate_User .
3.) This action (Authenticate_User ) will execute and check the user credentials from controller class .if entered user name and password are correct then it returns home_page otherwise returns same page.
4.) Method = "post" is used to retrieve the data from the can use Get Method also.But it less secure and slower than post. you can see, Facebook  is also used Post Method .
Step 6 :-  Now Write the codes in Authentication_Controller.cs file as given below:-
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using System.Web.Security;

    public class Authentication_Controller : Controller
        // GET: /Authentication_/

        public ActionResult login_form()
            return View("login_form");
       // Add [Authorize] Attribute to Authenticate the below codes
        public ActionResult home_page()
          return View("home_page");
        public ActionResult Authenticate_User()
            //here we will check the users for forms authetication
            //first check whether username and passwordis correct or not
            if ((Request.Form["txt_id"] == "ram") && (Request.Form["txt_pass"] == "ram123"))
                FormsAuthentication.SetAuthCookie(Request.Form["txt_id"], true);
                return View("home_page");
            else if ((Request.Form["txt_id"] == "neha") && (Request.Form["txt_pass"] == "neha123"))
                FormsAuthentication.SetAuthCookie(Request.Form["txt_id"], true);
                return View("home_page");
            else if ((Request.Form["txt_id"] == "sujeet") && (Request.Form["txt_pass"] == "sujeet123"))
                FormsAuthentication.SetAuthCookie(Request.Form["txt_id"], true);
                return View("home_page");
                //if entered data(username and passowrd) is incorrect,then return back to login_form
                return View("login_form");
1.) First include namespace using System.Web.Security; This is used in form authentication.
2.) If any user want to login then it first call the ActionResult = Authenticate_User.
3.) Here I have used a [Authorize] attribute.Which is used form validation purpose.Means nobody (anonymous user) can access the data by passing the Urls in Browser directly.
4.) Here, i have validated the user name and password using RequestForm methods in controller class as shown in above codes.
5.) Here i have set cookie also.
6.) In above codes, our application returns a view "home_page". I will create it in Step 7
Step 7 :- Now Right click on Authenticate_User action --> Add a view (home_page) as shown below:-
Step 8:- Now design your login_page as shown below:-
Step 9:- Now Add ActionResult home_page under [Authorize] attribute as given below.You can see this codes in Step 6.
        public ActionResult home_page()
          return View("home_page");
Step 10:- Now open Web.Config file from Solution Explorer window --> Write the following codes as shown below:-
Note:- here 
<forms loginUrl="~/Authentication_/login_form" timeout="2880" /> 
<forms loginUrl="~/Controller-name/view-name" timeout="2880" />
Step 11:- Now Run the application (press F5)  --> You  will see following error as shown below:-
Step 12:- Now write the below syntax in your browser URLs--> press Enter as given below:-
Step 13:- Suppose any users want to access the home_page directly like login_form through browser . they can't access the home_page through browser because this page comes under [Authorize] attribute tag. if user verify the user name and password then he can access the home_page information.This authentication mechanism is called Form -based authentication 
Step 14:- Now  Enter user name and password Correctly  --> press Login button then you can access the home_page information as shown below:-
Step 15:- If you want to open login page without typing URLs in browser.Then you have change Routing table path . For more Information read below link
Routing table Real concepts in mvc application
For More...
  1. Learn Full concepts of sql server
  2. Learn Real concepts of WPF 
  3. Learn .NET  Full Interview Questions for Job seekers
  4. Submit Your Project online and earn money
  5. Learn Full concepts of c# language with real life examples
Download whole Attached  file 


Post a comment

Powered by Blogger.