I have various AngularJS single page applications running in a single ASP .net MVC project.
In one of my AngularJS SPA's I need to create a login page which would show then show another page of information when successfully logged in. The username and passwords are stored in a database.
I am very new to ASP .net and would like some advice on the best way to (using my angular form) login and have some kind of session cookie so the user remains logged in for the duration of their session.
If you build SPA you with high probability use WebAPI. Reccomended way to authenticate API user is slightly different than usual cookie authentification.
To see how it works create a new project. If you have last VS2015 go to file -> New project -> ASP.NET Web Application -> Web API (Authentification: Individual UserAccounts).
If you just return Json(someData) in your MVC contollers and already have authentification it should work fine on tradition cookie authentification.
Related
I am not experienced in .NET authentication, and haven't found a specific answer for this need.
I am developing a .NET Core 2.1 MVC app which will have to run on an iframe on a different .NET Framework 4.5.1 app, which uses a FormsAuthenticationTicket when authenticating users. I have access to the main app's code, but cannot change it.
The present requirement is to automatically authenticate the iframe app, which I am developing, automatically from the main app's cookie information. On my app the login uses ASP.NET boilerplate (Abp) users and login, and the database contains the same usernames that will be using from the main app's database (different databases, same username field).
I currently haven't been able to decrypt the cookie or find a way to configure the iframe app to support this, and would appreciate if someone would kindly steer me in the right direction.
We have a large legacy web forms application.
We would like to continue to extend the functionality of it (add new pages). But we would like to stop adding more Web Forms code and instead would like to use Blazor to develop all new features going forward.
Ideally, a link from a Web Form page would redirect the browser to a page served by a Blazor app and vice-versa and the transition would be indistinguishable to the user.
Is this possible? If yes, how can it be done?
Also, what about authentication? Ideally, the user would login in our existing Web Form app and would not need to login again when transitioning to the Blazor app.
What I did:
Host the blazor application in a subfolder under the existing app:
myapp.com/oldapp
myapp.com/oldapp/blazor
You can just add links between them, If you use the same layout users should not notice.
Now because you are using the same hostname, you can issue a cookie with a JWT token on login in the old app, and because the new app runs on the same hostname the blazor app can pickup this cookie and use the token to do requests to a new backend API that is also using JWT auth.
I am working on a project where it involves the feature of Login/Authentication using ASP.Net Identity. I used SQL Server database successfully and used Role based authentication. However, after successful login, I want to redirect the user to AngularJS app's page.
For this, I have app folder in my project which consists app.js and other controller files to route.
I don't know how should I redirect to AngularJS app after users logins.
Any tips/comments would be really helpful.
I am attempting to implement a claims based solution into an application. I have an MVC/Classic ASP application, as well as an STS. After authenticating with the STS, I can see the AUTH_USER server variable from my MVC pages. However, this (as well as AUTH_TYPE, LOGON_USER, etc) are not visible in my Classic ASP pages. I would like to be able to test against a server variable that a user is in fact authenticated on the server. If possible, I could read the claim created by the STS to validate the user with my classic ASP pages (not sure if that's an option)
Basically I need a way for my classic asp pages to know that the user is valid when I am logging in via an STS.
Thanks!
I need to build a "my account" application for my friend. I plan to use asp.net MVC 3.
I have to use third party API to authenticate users. if this is regular web application, it is easy, I submit the request using third party API, get response back. if this is authorized user, create a session. ON all the protected pages, i just check the session, if it is exist, then show the content, otherwise redirect back to login page.
I probably can do the same on my mvc3 project, but I know that definitely is a wrong approach. MVC3 is very flexiable. there must be a better way to do it. After I get response back from the third party API. What should I do after that? please show me some codes if you can.
Use the ASP.NET membership provider and create a custom provider to hook into your API. This gets a lot of the hard work done for you and you're not "reinventing the wheel". There's a great overview about how to do this with MVC here: http://theintegrity.co.uk/2010/11/asp-net-mvc-2-custom-membership-provider-tutorial-part-1/
Create a new MVC 3 application using the "Internet Application" template when you do file-new project.
All the code is then created for you - in visual studio click on the "ASP.NET Configuration" icon in solution explorer.
create your users and your roles
decorate your controllers and/or action methods with
[Authorize(Roles="Administrators")]
public class MyAdminOnlyController : Controller
{
}
Configure additional features such as forgotten password functionality, password resets, etc. Some additional features will require coding.
Done!
I don't think using MVC3 for authentication is anything different than regular web app. In your controller, you will send the username and password getting from the view to the API,getting the response back.
You can then save it to session and check against it on any page you want to be protected.
MVC is just the way to separate view logic, business logic and data model. The application flow is the same.
ASP.NET already build ASP.NET membership provider. The back end data can be stored in ASP.NET Configuration website, SQL Server database,Active Directory, and another database but you need to custom the authentication provider.
this is the expample for SQLServer Membership provider, for the detail documentation you can read from here
For ASP.NET Configuration management Membership provider, you can read from Music Store ASP.NET MVC tutorial in Membership and Authorization section. If you want to learn about ASP.NET MVC authentication/authorization. Music Store example is a recommended tutorial for exploring ASP.NET MVC3 feature, Entity Framework and Authentication also.