Sunday, February 22, 2015

WebSecurity in Asp.Net MVC 4 – Part 2

WebSecurity in Asp.Net MVC 4 – Part 2

In this blog, I’m making a login form using websecurity in asp.net mvc 4.

If you want to learn how to install and access websecurity in the project , then read my previous blog:



I’m continuing from my previous blog WebSecurity inAsp.Net Mvc 4 – Part 1, in the index page you can see that I have created a link of Login but I have not implemented the code for it, so let start with implementing the login form using websecurity.

Step 1:


First create a model class named  ”Login” and write the below code in it:


using System;
using System.Collections.Generic;
using System.ComponentModel.DataAnnotations;
using System.Linq;
using System.Web;

namespace WebSecurityMvcApp.Models
{
    public class Login
    {
        [Required]
        public string EmailId { get; set; }
        [Required]
        public string Password { get; set; }
        public bool RememberMe { get; set; }

    }
}

Step 2:


Now write the below code in Account Controller:


using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using WebMatrix.WebData;
using WebSecurityMvcApp.Models;

namespace WebSecurityMvcApp.Controllers
{
    public class AccountController : Controller
    {

        [HttpGet]
        public ActionResult Login()
        {
            return View();
        }

        [HttpPost]
        public ActionResult Login(Login model)
        {
            if(ModelState.IsValid && WebSecurity.Login(model.EmailId,model.Password, persistCookie: model.RememberMe))
            {
                return RedirectToAction("Index", "Home");
            }
            else{
                TempData["Failure"] = "EmailId or Password provided is incorrect";
            }
            return View();
        }

      
        public ActionResult Logout()
        {
            WebSecurity.Logout();

            return RedirectToAction("Index", "Home");
        }

        [HttpGet]
        public ActionResult Register()
        {
            return View();
        }

        [HttpPost]
        [AllowAnonymous]
        [ValidateAntiForgeryToken]
        public ActionResult Register(Register model)
        {
            if (ModelState.IsValid)
            {
                if(!WebSecurity.UserExists(model.EmailId))
                {
                    WebSecurity.CreateUserAndAccount(model.EmailId, model.Password, new {
                        Firstname = model.Firstname,
                        Lastname = model.Lastname
                    });
                    TempData["Success"] = "Registration Successful";
                    ModelState.Clear();
                }
                else
                    TempData["Failure"] = "Email Id already in use.";
            }
           
            return View();
        }
    }
}

Step 3:

Now modify some code in the Index view like this:


@{
    ViewBag.Title = "Index";
}
<link href="~/Content/bootstrap.min.css" rel="stylesheet" />
<br />
<br />
<br />
<div class="row" style="width: 100%;">
    <div class="col-md-8 col-md-offset-2 well">
        @if (WebSecurity.IsAuthenticated)
        {
            <div class="col-md-2">
                @WebSecurity.CurrentUserName
            </div>
            <div class="col-md-2">
                @Html.ActionLink("Logout", "Logout", "Account")
            </div>
        }
        else
        {
            <div class="col-md-2">
                @Html.ActionLink("Login", "Login", "Account")
            </div>
            <div class="col-md-2">
                @Html.ActionLink("Register", "Register", "Account")
            </div>
        }
    </div>
</div>

Output

Now run the application:


Click on the login to open the login form:




Enter your email Id and password and click on enter button:




If you enter wrong password or email id then you will get the above message.


Now enter correct email id and password and you will logged in the application:






Clicking on the logout, you will logout of the application.






No comments:

Post a Comment