0

I am just starting to use ASP.Net MVC5 and I am having a little challenge. I have an already built system that uses WebForms and I am migrating it to MVC.

I understand that MVC provides an Authentication and Authorization provider, but I want to implement a simple login based on the database I already have. In my previous system, when a user logs in, the id and role of the user is stored in a session variable and checked across all pages. The id is also used for some tasks in the app. Is there a way to use MVC Identity Management with my existing database?

I tried the following from a previous post but can't seem to get it working.

[HttpPost]
public ActionResult Login(string username, string password)
{
  if (new UserManager.IsValid(username, password))
  {
      var ident = new ClaimsIdentity(
      new[] { 
               // adding following 2 claim just for supporting default antiforgery provider
               new Claim(ClaimTypes.NameIdentifier, username),
               new Claim("http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider", "ASP.NET Identity", "http://www.w3.org/2001/XMLSchema#string"),
               new Claim(ClaimTypes.Name,username),

                // optionally you could add roles if any
                new Claim(ClaimTypes.Role, "RoleName"),
                new Claim(ClaimTypes.Role, "AnotherRole"),

            },
      DefaultAuthenticationTypes.ApplicationCookie);

      HttpContext.GetOwinContext().Authentication.SignIn(
      new AuthenticationProperties { IsPersistent = false }, ident);
      return RedirectToAction("MyAction"); // auth succeed 
  }
  // invalid username or password
  ModelState.AddModelError("", "invalid username or password");
  return View();
}

class UserManager
{
   public bool IsValid(string username, string password)
   {
       using(var db=new MyDbContext()) // use your DbConext
       {
          // if your users set name is Users
          return db.Users.Any(u=>u.Username==username 
                              && u.Password==password); 
       }
    }
 }

Please any help and suggestions will be appreciated.

Abdul
  • 2,002
  • 7
  • 31
  • 65
elfico
  • 450
  • 1
  • 6
  • 13
  • Have you looked into using the UserManager? You can get the current user logged in details, create users etc etc – Andrew Kilburn Jun 23 '16 at 11:29
  • I created the `UserManager` as a class and tried to use it, but errors were shown on the controller class. – elfico Jun 23 '16 at 12:21
  • What errors did you get? – Andrew Kilburn Jun 23 '16 at 12:29
  • this may help : http://www.c-sharpcorner.com/UploadFile/56fb14/custom-authorization-in-mvc/ – Anupam Singh Jun 23 '16 at 12:34
  • @AndrewKilburn, thanks. I have succeeded in getting rid of the errors and I can login, but, after login in, I am not able access controllers that I have given the [Authorize]. – elfico Jun 27 '16 at 12:41
  • Thanks @AnupamSingh – elfico Jun 27 '16 at 12:41
  • @elfico This is probably because you're not Authorized to get into that controller. Check if you have the correct roles. – Andrew Kilburn Jun 27 '16 at 13:14
  • @AndrewKilburn, I used a simple [Authorize] verb. I didnt specify it for a role. Also, for this piece of code `HttpContext.GetOwinContext().Authentication.SignIn(` , I couldnt get HttpContext to work, so I changed it to : `IOwinContext context = new OwinContext(); context.Authentication.SignIn(` – elfico Jun 27 '16 at 13:31
  • @elfico Okay, i think the authorize tag just checks to see if youre signed in. I don't believe it will work if you have made a custom log in – Andrew Kilburn Jun 27 '16 at 13:34

0 Answers0