1

So, i am implementing authentification in my app. Creditianals stored in xml files(not real project).

Here is code:

public ActionResult Login(LoginModel model, string returnUrl)
    {
        if (ModelState.IsValid && Membership.ValidateUser(model.UserName, model.Password))
        {
            FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
            return RedirectToAction("Index", "Objects", new ObjectsModel(//user name));
        }

        // If we got this far, something failed, redisplay form
        ModelState.AddModelError("", "The user name or password provided is incorrect.");
        return View(model);
    }


public class CustomMembershipProvider : SimpleMembershipProvider
{
    public override bool ValidateUser(string username, string password)
    {
        return true;
    }
}

[Authorize]
public class ObjectsController : Controller
{
    public ActionResult Index()
    {
        return View(new ObjectsModel(//get authentificated username));
    }
}

Two questions:

  1. Am i doing it right? Or i must use WebSecurity etc. And is it enough for secure app? Or i have great misunderstanding of whole staff?
  2. How i can get loged in UserName in ObjectsController(commented line)?
Improve this question

2 Answers 2

Reset to default
2

Am i doing it right? Or i must use WebSecurity etc. And is it enough for secure app? Or i have great misunderstanding of whole staff?

  • Custom authentication requires lot of work to do as part of Membership infrastructure which contains UserContext, UserProfiles, IPrincipal. If you just want to validate user against file instead model/dbcontext, that can be done with minimal efforts with standard WebSecurity implementation.

  • Visual Studio comes with asp.net mvc template project membership implementation-ready code. It will give you deep glimpse of models, context.

You can see this article for more information.

How i can get loged in UserName in ObjectsController(commented line)?

  • Ideally your custom authentication should expose IPrincipal user context(User.Identity), which you can utilize everywhere around the project views/controllers.
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

Visual Studio comes with Asp.Net MVC Template project membership implementation-ready code.(Yes @PalakBhansali answer is correct).

You can get sample application by Creating New project in visual studio. You can able to modify the codes as your wish.

File-> New -> Visual C# -> Web -> ASP.NET MVC 4/3/2 Application.

Note : Not an Empty Web Application

  • It will be a Secure app.
  • You can get logged in User Name through @User.Identity.Name.
  • Then You are doing right for learning project.

Good Luck ;)

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.