About MVC Form authentication and mvcform

About MVC Form authentication and mvcform

Let's briefly talk about MVC Form authentication.

What should we do when using Form authentication for user login authentication in MVC projects? Next we will give you a brief introduction.

First, let's take a look at the steps

1. When a user logs on, if the user name and password are verified, the FormsAuthentication. SetAuthCookie () method must be called.

2. When you exit, you must call FormsAuthentication. SignOut ();

3. In the configuration file web. config and under the system. web node, configure <authentication mode = "Forms"/>

4. Verification: HttpContext. User. Identity. IsAuthenticated. If it is false, authentication fails. If it is true, authentication is successful.

The above three parts can complete the Form authentication for user login.

Now let's take a look at the specific code. (The code in the View will not be pasted. Just paste the code in the Controller)

1. Create a Model for User Login

1 public class LoginViewModel2 {3 [DisplayName ("UserName")] 4 public string UserName {get; set;} 5 [DisplayName ("Password")] 6 public string Password {get; set;} 7}

2. Create a logon Controller and a page. The Controller has two logon and logout actions.

 1     public class LoginController : Controller 2     { 3         // GET: Login 4         public ActionResult Index(LoginViewModel loginViewModel) 5         { 6             if (loginViewModel.UserName == "admin" && loginViewModel.Password == "123456") 7             { 8                 FormsAuthentication.SetAuthCookie(loginViewModel.UserName, false); 9                 return RedirectToAction("Index", "Main");10             }11             return View();12         }13 14         //GET: LogOut15         public ActionResult LogOut()16         {17             FormsAuthentication.SignOut();18             return RedirectToAction("Index", "Login");19         }20     }

3. After a logon is created, the user jumps to the page with the Controller

1     public class MainController : BaseController2     {3         // GET: Main4         public ActionResult Index()5         {6             return View();7         }8     }

4. After login, the Controller of the page to jump to is the inherited BaseController. How does BaseController write it?

1 public class BaseController: Controller 2 {3 protected override void OnActionExecuting (ActionExecutingContext filterContext) 4 {5 base. OnActionExecuting (filterContext); 6 // login authentication process 7 if (! FilterContext. HttpContext. User. Identity. IsAuthenticated) 8 {9 // 10 Response. Redirect ("~ /Login/Index "); 11} 12 else13 {14 // logged on, Action-level permission control processing 15 var controllerName = filterContext. routeData. values ["controller"]. toString (); // controller name 16 var actionName = filterContext. routeData. values ["action"]. toString (); // Action name 17 // check permissions according to controllerName and actionName 18/* 19 if () 20 {} 21 else22 {} 23 */24} 25} 26}

This BaseController is very simple. The general function is to inherit the controller of this BaseController. When the following Action is executed, Form verification is performed. If the verification succeeds ......, If the verification fails ......,

After logging on to the page, the Controller will inherit the BaseController, so that you do not have to repeatedly write Form authentication code in each Action in the Controller.

Is it easy?

Of course, the specific details are not involved here. Here we just briefly introduce you to the use of Form authentication. For details, refer to the blog posts of the great gods in the garden.