How to log in using ASP.NET MVC4?

Question

How to log in using ASP.NET MVC4?

Here are some code snippets from my attempt. This does not work; after "logging in" the user is not redirected to the home page / index, but the login page simply reloads.

Web.config:

<authentication mode="Forms"> <forms loginUrl="~/Account/Login" /> </authentication> ... <defaultDocument> <files> <add value="~/Account/Login"/> </files> </defaultDocument>

Controllers / AccountController.cs:

 public class AccountController : Controller { // // GET: /Account/Login public ActionResult Login() { return View(); } }

Views / Account / Login.aspx:

 <asp:Login ID="login" runat="server" DestinationPageUrl="~/Views/Home/Index.aspx"> ... </asp:Login>

+4

c # login asp.net-mvc asp.net-mvc-4

Kalina Nov 05 '12 at 22:17

source share

2 answers

I suspect you are not setting a cookie to authenticate forms, so the redirect does not work. Ideally, in your login method, you will verify the username and password using some sort of logic, and when you are satisfied that the user is legitimate, you should set the forms authentication cookie and then redirect the user

 FormsAuthentication.SetAuthCookie(username, true); return Redirect(returnurl);

If you do not set up an authentication cookie, the redirect will not work, as the request will still be considered as an unauthenticated request, and the user will be sent back to the login page. You can find more information about forms here.

http://msdn.microsoft.com/en-us/library/xdt4thhy%28v=vs.71%29.aspx

+2

user1625066 Nov 05 '12 at 22:27

source share

Yasser · Accepted Answer · 2012-11-06T05:44:47+0000

Are you using ASP.NET MVC 4 Internet Template? if not, I suggest you create a new ASP.NET MVC project using the Internet template, open the account controller and see the methods.

Since @ user1 correctly said one way to do this, use

  FormsAuthentication.SetAuthCookie(username, true); return Redirect(returnurl);

But, as you say, you are using ASP.NET MVC 4. You must use the WebSecurity class .

For instance:

 WebSecurity.Login(model.UserName, model.Password); return RedirectToAction("Index", "Home");

Most of the work is done using the following methods and properties of the WebSecurity assistant:

WebSecurty.UserExists , WebSecurity.CreateUserAndAccount . These methods allow you to determine if someone is registered and register them.
WebSecurty.IsAuthenticated . This property allows you to determine whether the current user is registered. This is useful for redirecting users to the login page if they are not already logged in.
WebSecurity.Login , WebSecurity.Logout . These methods register the user in or out.
WebSecurity.CurrentUserName . This property is useful for displaying the current username during login (if the user is logged in).
WebSecurity.ConfirmAccount . This method is useful if you have set up email confirmation for registration. (Details are described in the blog post. Using the verification feature to secure ASP.NET web pages.)

Further reading:

How to log in using ASP.NET MVC4?

More articles: