Authentication and authorization using ASP.NET MVC
Step1: Select ASP.NET Web Application (.NET Framework)
Step2: Type project and solution name
Type project name as “MVCAuth” and also solution name as “MVC Auth”
Step 3: Select project template
- Select project template as Web Application (Model-View-Controller)
- Change authentication to Individual User Authentication
- Click create button
Step 4: Change web.config file
<add name="DefaultConnection" connectionString="Data Source=localhost;Initial Catalog=AuthDB;Persist Security Info=False;User ID=sa; Password=mahedee.net; Pooling=False;MultipleActiveResultSets=False;Encrypt=False;TrustServerCertificate=False" providerName="System.Data.SqlClient" />
Step 5: Add some model and view model class
- Create Role Model class in Models folder as follows
public class Role : IdentityRole { } - Create UserRoleVM View Model class in Models folder as follows
public class UserRoleVM { public string UserId { get; set; } public string RoleId { get; set; } public string UserName { get; set; } public string RoleName { get; set; } } - Create UsersRolesVM View Model class in Models folder as follows
public class UsersRolesVM { //public string UserName { get; set; } public ApplicationUser User { get; set; } public IEnumerable<string> RoleNames { get; set; } }
Step 6: Add Controllers to the application
- Add RolesController in Controllers folder
- Choose template MVC 5 Controller with read/write actions
- Modify RolesController as follows
public class RolesController : Controller
{
private ApplicationDbContext db = new ApplicationDbContext();
// GET: Roles
public ActionResult Index()
{
var roleStore = new RoleStore<IdentityRole>(db);
var roleManager = new RoleManager<IdentityRole>(roleStore);
var roles = roleManager.Roles.ToList();
return View(roles);
}
// GET: Roles/Details/5
public ActionResult Details(int id)
{
return View();
}
// GET: Roles/Create
public ActionResult Create()
{
return View();
}
// POST: Roles/Create
[HttpPost]
public ActionResult Create(IdentityRole role)
{
try
{
// TODO: Add insert logic here
var roleStore = new RoleStore<IdentityRole>(db);
var roleManager = new RoleManager<IdentityRole>(roleStore);
if(!roleManager.RoleExists(role.Name))
{
roleManager.Create(role);
}
return RedirectToAction("Index");
}
catch
{
return View();
}
}
// GET: Roles/Edit/5
public ActionResult Edit(int id)
{
return View();
}
// POST: Roles/Edit/5
[HttpPost]
public ActionResult Edit(int id, FormCollection collection)
{
try
{
// TODO: Add update logic here
return RedirectToAction("Index");
}
catch
{
return View();
}
}
// GET: Roles/Delete/5
public ActionResult Delete(int id)
{
return View();
}
// POST: Roles/Delete/5
[HttpPost]
public ActionResult Delete(int id, FormCollection collection)
{
try
{
// TODO: Add delete logic here
return RedirectToAction("Index");
}
catch
{
return View();
}
}
}
- Add UsersRoleController in Controllers folder
- Choose template MVC 5 Controller with read/write actions
- Modify UsersRoleController as follows
public class UsersRoleController : Controller
{
ApplicationDbContext db = new ApplicationDbContext();
// GET: UsersRole
public ActionResult Index()
{
List<UsersRolesVM> usersRolesVMs = new List<UsersRolesVM>();
List<ApplicationUser> users = db.Users.ToList();
var userManager = new UserManager<ApplicationUser>(new UserStore<ApplicationUser>(db));
foreach (ApplicationUser user in users)
{
UsersRolesVM usersRolesVM = new UsersRolesVM();
usersRolesVM.User = user;
usersRolesVM.RoleNames = userManager.GetRoles(user.Id);
usersRolesVMs.Add(usersRolesVM);
}
return View(usersRolesVMs);
}
// GET: UsersRole/Details/5
public ActionResult Details(int id)
{
return View();
}
// GET: UsersRole/Create
public ActionResult Create()
{
var roleStore = new RoleStore<IdentityRole>(db);
var roleManager = new RoleManager<IdentityRole>(roleStore);
var roles = roleManager.Roles.ToList();
ViewBag.UserId = new SelectList(db.Users.ToList(), "Id", "UserName");
ViewBag.RoleName = new SelectList(roles, "Name", "Name");
return View();
}
// POST: UsersRole/Create
[HttpPost]
//public ActionResult Create(FormCollection collection)
public ActionResult Create(UserRoleVM userRole)
{
try
{
if(userRole != null)
{
var userManager = new UserManager<ApplicationUser>(new UserStore<ApplicationUser>(db));
userManager.AddToRole(userRole.UserId, userRole.RoleName);
}
return RedirectToAction("Index");
}
catch
{
return View();
}
}
// GET: UsersRole/Edit/5
public ActionResult Edit(int id)
{
return View();
}
// POST: UsersRole/Edit/5
[HttpPost]
public ActionResult Edit(int id, FormCollection collection)
{
try
{
// TODO: Add update logic here
return RedirectToAction("Index");
}
catch
{
return View();
}
}
// GET: UsersRole/Delete/5
public ActionResult Delete(int id)
{
return View();
}
// POST: UsersRole/Delete/5
[HttpPost]
public ActionResult Delete(int id, FormCollection collection)
{
try
{
// TODO: Add delete logic here
return RedirectToAction("Index");
}
catch
{
return View();
}
}
}
Step 7: Create Roles View to the application
- Add Index View in Views->Roles folder
- Add Create View in Views->Roles folder
- Modify views as follows
Index.cshtml
@model IEnumerable<Microsoft.AspNet.Identity.EntityFramework.IdentityRole>
@{
ViewBag.Title = "Index";
}
<h2>Index</h2>
<p>
@Html.ActionLink("Create New", "Create")
</p>
<table class="table">
<tr>
<th>
@Html.DisplayNameFor(model => model.Name)
</th>
<th></th>
</tr>
@foreach (var item in Model) {
<tr>
<td>
@Html.DisplayFor(modelItem => item.Name)
</td>
<td>
@Html.ActionLink("Edit", "Edit", new { id=item.Id }) |
@Html.ActionLink("Details", "Details", new { id=item.Id }) |
@Html.ActionLink("Delete", "Delete", new { id=item.Id })
</td>
</tr>
}
</table>
Create.cshtml
@*@model MVCAuth.Models.Role*@
@model Microsoft.AspNet.Identity.EntityFramework.IdentityRole
@{
ViewBag.Title = "Create";
}
<h2>Create</h2>
@using (Html.BeginForm())
{
@Html.AntiForgeryToken()
<div class="form-horizontal">
<h4>Role</h4>
<hr />
@Html.ValidationSummary(true, "", new { @class = "text-danger" })
<div class="form-group">
@Html.LabelFor(model => model.Name, htmlAttributes: new { @class = "control-label col-md-2" })
<div class="col-md-10">
@Html.EditorFor(model => model.Name, new { htmlAttributes = new { @class = "form-control" } })
@Html.ValidationMessageFor(model => model.Name, "", new { @class = "text-danger" })
</div>
</div>
<div class="form-group">
<div class="col-md-offset-2 col-md-10">
<input type="submit" value="Create" class="btn btn-default" />
</div>
</div>
</div>
}
<div>
@Html.ActionLink("Back to List", "Index")
</div>
@section Scripts {
@Scripts.Render("~/bundles/jqueryval")
}
Step 8: Create UsersRole View to the application
- Add Index View in Views->UsersRole folder
- Add Create View in Views->UsersRole folder
- Modify views as follows
Index.cshtml
@model IEnumerable<MVCAuth.Models.UsersRolesVM>
@{
ViewBag.Title = "Index";
}
<h2>Index</h2>
<p>
@Html.ActionLink("Create New", "Create")
</p>
<table class="table">
<tr>
<th>
@*@Html.DisplayNameFor(model => model.UserName)*@
User Name
</th>
<th>
@*@Html.DisplayNameFor(model => model.RoleName)*@
Roles Name
</th>
<th></th>
</tr>
@foreach (var users in Model)
{
foreach (string rolesName in users.RoleNames)
{
<tr>
<td>
@Html.DisplayFor(modelItem => users.User.UserName)
</td>
<td>
@Html.DisplayFor(modelItem => rolesName)
</td>
<td>
@Html.ActionLink("Delete", "Delete", new { id = 1 })
</td>
</tr>
}
}
</table>
Create.cshtml
@model MVCAuth.Models.UserRoleVM
@{
ViewBag.Title = "Create";
}
<h2>Create</h2>
@using (Html.BeginForm())
{
@Html.AntiForgeryToken()
<div class="form-horizontal">
<h4>UserRoleVM</h4>
<hr />
@Html.ValidationSummary(true, "", new { @class = "text-danger" })
<div class="form-group">
@Html.LabelFor(model => model.UserName, "UserName", htmlAttributes: new { @class = "control-label col-md-2" })
<div class="col-md-10">
@Html.DropDownList("UserId", null, htmlAttributes: new { @class = "form-control" })
</div>
</div>
<div class="form-group">
@Html.LabelFor(model => model.RoleName, "RoleName", htmlAttributes: new { @class = "control-label col-md-2" })
<div class="col-md-10">
@Html.DropDownList("RoleName", null, htmlAttributes: new { @class = "form-control" })
@Html.ValidationMessageFor(model => model.UserName, "", new { @class = "text-danger" })
</div>
</div>
<div class="form-group">
<div class="col-md-offset-2 col-md-10">
<input type="submit" value="Create" class="btn btn-default" />
</div>
</div>
</div>
}
<div>
@Html.ActionLink("Back to List", "Index")
</div>
@section Scripts {
@Scripts.Render("~/bundles/jqueryval")
}
Step 9: Run migration command in package manager console
Now the application is ready to run.