• Tech
  • Forums
  • Jobs
  • Books
  • Events
  • Videos
  • Live
    • Interviews
    • Certification
    • Training
    • Career
    • Members
    • News
    • Blogs
  • An Article
  • A Blog
  • A Video
  • An Ebook
  • An Interview Question
  • Feed
  • Dashboard
  • Wallet
  • Learn
  • Achievements
  • Network
  • Rewards
  • SharpGPT
  • Premium
  • Register
  • Login
.NET

Rolebased Login Page Access in MVC

  • WhatsApp
  • Naren Kumar Kumaresan Naren Kumar Kumaresan
  • 9y
  • 2.3k
  • 0
  • 0
    • 25
  • Blog

Step 1: Create Table.

query

  1. CREATE TABLE [dbo].[Roles](  
  2. [RoleID] [int] IDENTITY(1,1) NOT NULL,  
  3. [ROleName] [varchar](50) NOT NULL,  
  4. PRIMARY KEY CLUSTERED  
  5. (  
  6. [RoleID] ASC  
  7. )WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY]  
  8. ) ON [PRIMARY]  
  9. GO  
  10. SET ANSI_PADDING OFF  
  11. GO  
  12. /****** Object: Table [dbo].[UserRoles] Script Date: 7/4/2015 5:55:16 PM ******/  
  13. SET ANSI_NULLS ON  
  14. GO  
  15. SET QUOTED_IDENTIFIER ON  
  16. GO  
  17. CREATE TABLE [dbo].[UserRoles](  
  18. [UserRolesID] [int] IDENTITY(1,1) NOT NULL,  
  19. [RoleID] [int] NOT NULL,  
  20. [UserID] [int] NOT NULL,  
  21. PRIMARY KEY CLUSTERED  
  22. (  
  23. [UserRolesID] ASC  
  24. )WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY]  
  25. ) ON [PRIMARY]  
  26. GO  
  27. /****** Object: Table [dbo].[Users] Script Date: 7/4/2015 5:55:16 PM ******/  
  28. SET ANSI_NULLS ON  
  29. GO  
  30. SET QUOTED_IDENTIFIER ON  
  31. GO  
  32. SET ANSI_PADDING ON  
  33. GO  
  34. CREATE TABLE [dbo].[Users](  
  35. [UserID] [int] IDENTITY(1,1) NOT NULL,  
  36. [Username] [varchar](50) NOT NULL,  
  37. [Password] [varchar](50) NOT NULL,  
  38. [FirstName] [varchar](50) NOT NULL,  
  39. [LastName] [varchar](50) NULL,  
  40. [EmailID] [varchar](200) NULL,  
  41. PRIMARY KEY CLUSTERED  
  42. (  
  43. [UserID] ASC  
  44. )WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY]  
  45. ) ON [PRIMARY]  
  46. GO  
  47. SET ANSI_PADDING OFF  
  48. GO  
  49. SET IDENTITY_INSERT [dbo].[Roles] ON  
  50. GO  
  51. INSERT [dbo].[Roles] ([RoleID], [ROleName]) VALUES (1, N'Admin')  
  52. GO  
  53. INSERT [dbo].[Roles] ([RoleID], [ROleName]) VALUES (2, N'User')  
  54. GO  
  55. SET IDENTITY_INSERT [dbo].[Roles] OFF  
  56. GO  
  57. SET IDENTITY_INSERT [dbo].[UserRoles] ON  
  58. GO  
  59. INSERT [dbo].[UserRoles] ([UserRolesID], [RoleID], [UserID]) VALUES (1, 1, 1)  
  60. GO  
  61. INSERT [dbo].[UserRoles] ([UserRolesID], [RoleID], [UserID]) VALUES (2, 2, 2)  
  62. GO  
  63. SET IDENTITY_INSERT [dbo].[UserRoles] OFF  
  64. GO  
  65. SET IDENTITY_INSERT [dbo].[Users] ON  
  66. GO  
  67. INSERT [dbo].[Users] ([UserID], [Username], [Password], [FirstName], [LastName], [EmailID]) VALUES (1, N'knk', N'knk', N'sample', N'sample1', N'[email protected]')  
  68. GO  
  69. INSERT [dbo].[Users] ([UserID], [Username], [Password], [FirstName], [LastName], [EmailID]) VALUES (2, N'kumar', N'kumar', N'run', N'ran', N'[email protected]')  
  70. GO  
  71. SET IDENTITY_INSERT [dbo].[Users] OFF  
  72. GO

Step 2: Create a project.

Go to File, then New and click Project. Select ASP.NET MVC 4 Web Application and enter the project name, then click OK, select Empty, select View Engine Razor and press OK.

Step 3: Add model

  1. using System;  
  2. using System.Collections.Generic;  
  3. using System.ComponentModel.DataAnnotations;  
  4. using System.Linq;  
  5. using System.Web;  
  6. namespace MvcApplication2.Models {  
  7.     public class login {  
  8.         [Required(ErrorMessage = "Username required.", AllowEmptyStrings = false)]  
  9.         public string Username {  
  10.             get;  
  11.             set;  
  12.         }  
  13.         [Required(ErrorMessage = "Password required.", AllowEmptyStrings = false)]  
  14.         [DataType(System.ComponentModel.DataAnnotations.DataType.Password)]  
  15.         public string Password {  
  16.             get;  
  17.             set;  
  18.         }  
  19.         public bool RememberMe {  
  20.             get;  
  21.             set;  
  22.         }  
  23.     }  
  24. }

Step 4: Add Home Controller.

add controller

Home Contrtoller.cs

  1. using System;  
  2. using System.Collections.Generic;  
  3. using System.Linq;  
  4. using System.Web;  
  5. using System.Web.Mvc;  
  6.   
  7. namespace MvcAuthentication.Controllers {  
  8.     public class HomeController: Controller {  
  9.         [AllowAnonymous] //This is for Un-Authorize User  
  10.         public ActionResult Index() {  
  11.             return View();  
  12.         }  
  13.   
  14.         [Authorize] // This is for Authorize user  
  15.         public ActionResult MyProfile() {  
  16.             return View();  
  17.         }  
  18.   
  19.         [Authorize(Roles = "Admin")]  
  20.         public ActionResult AdminIndex() {  
  21.             return View();  
  22.         }  
  23.   
  24.         [Authorize(Roles = "User")]  
  25.         public ActionResult UserIndex() {  
  26.             return View();  
  27.         }  
  28.   
  29.     }  
  30. }

Step 5: Add view.

add

Index.cshtml;

  1. @{  
  2.    ViewBag.Title = "Index";  
  3. }  
  4. <h2>Index</h2>  
  5. <h3>Welcome Guest - This is for all the anonymous user</h3>  
  6. Myprofile.cshtml  
  7. @{  
  8.    ViewBag.Title = "MyProfile";  
  9. }  
  10. <h2>My Profile</h2>  
  11. <h3>Welcome @(Request.IsAuthenticated ? HttpContext.Current.User.Identity.Name : "Guest") - This is for Authorized user </h3>

Userindex.cshtml

  1. @{  
  2.    ViewBag.Title = "UserIndex";  
  3. }  
  4. <h2>User Index</h2>  
  5. <div>Welcome @(Request.IsAuthenticated? HttpContext.Current.User.Identity.Name : "") (User) </div> 

Admin.cshtml

  1. @{  
  2.    ViewBag.Title = "AdminIndex";  
  3. }  
  4. <h2>Admin Index</h2>  
  5.    <div>Welcome @(Request.IsAuthenticated? HttpContext.Current.User.Identity.Name : "") (Admin)</div>

Step 6: Add Myaccount Controller:

MyAccountController.cs

  1. using MvcAuthentication.Models;  
  2. using System;  
  3. using System.Collections.Generic;  
  4. using System.Linq;  
  5. using System.Web;  
  6. using System.Web.Mvc;  
  7. using System.Web.Security;  
  8.   
  9. namespace MvcAuthentication.Controllers {  
  10.     public class MyAccountController: Controller {  
  11.         public ActionResult Login() {  
  12.             return View();  
  13.         }  
  14.   
  15.         [HttpPost]  
  16.         [ValidateAntiForgeryToken]  
  17.         public ActionResult Login(Login l, string ReturnUrl = "") {  
  18.   
  19.   
  20.             //Here I am going to use Membership provider to validate user  
  21.             if (ModelState.IsValid) {  
  22.                 var isValidUser = Membership.ValidateUser(l.Username, l.Password);  
  23.                 if (isValidUser) {  
  24.                     FormsAuthentication.SetAuthCookie(l.Username, l.RememberMe);  
  25.                     if (Url.IsLocalUrl(ReturnUrl)) {  
  26.                         return Redirect(ReturnUrl);  
  27.                     } else {  
  28.                         return RedirectToAction("Index", "Home");  
  29.                     }  
  30.                 }  
  31.             }  
  32.   
  33.   
  34.             ModelState.Remove("Password");  
  35.             return View();  
  36.         }  
  37.   
  38.         [Authorize]  
  39.         public ActionResult Logout() {  
  40.             FormsAuthentication.SignOut();  
  41.             return RedirectToAction("Index", "Home");  
  42.         }  
  43.     }  
  44. }

Step 7: Add view Myaccount.

Login.cshtml;

  1. @model MvcAuthentication.Models.Login  
  2.   
  3. @{  
  4.     ViewBag.Title = "Login";  
  5. }  
  6.   
  7. <h2>Login</h2>  
  8.   
  9.     @using (Html.BeginForm()) {  
  10.         @Html.ValidationSummary(true)  
  11.         @Html.AntiForgeryToken()  
  12.             <fieldset>  
  13.                 <legend>Login</legend>  
  14.                 <div class="editor-label">  
  15.                   @Html.LabelFor(model => model.Username)  
  16.                 </div>  
  17.                 <div class="editor-field">  
  18.                     @Html.EditorFor(model => model.Username)  
  19.                     @Html.ValidationMessageFor(model => model.Username)  
  20.                 </div>  
  21.                 <div class="editor-label">  
  22.                    @Html.LabelFor(model => model.Password)  
  23.              </div>  
  24.              <div class="editor-field">  
  25.                     @Html.EditorFor(model => model.Password)  
  26.                     @Html.ValidationMessageFor(model => model.Password)  
  27.              </div>  
  28.              <div class="editor-label">  
  29.                  @Html.LabelFor(model => model.RememberMe)  
  30.              </div>  
  31.                 <div class="editor-field">  
  32.                  @Html.EditorFor(model => model.RememberMe)  
  33.                   @Html.ValidationMessageFor(model => model.RememberMe)  
  34.              </div>  
  35.              <p>  
  36.                   <input type="submit" value="Create" />  
  37.              </p>  
  38.             </fieldset>     
  39.   
  40.     }  
  41.   
  42.   
  43.     <div>  
  44.          @Html.ActionLink("Back to List", "Index")  
  45.     </div>  
  46.   
  47.     @section Scripts {  
  48.         @Scripts.Render("~/bundles/jqueryval")  
  49.     }

Step 8: Add Entity Data Model.

table

Step 9: Add two cs Files.

MyRoleProvider.cs

  1. using System;  
  2. using System.Collections.Generic;  
  3. using System.Linq;  
  4. using System.Web;  
  5. using System.Web.Caching;  
  6. using System.Web.Security;  
  7.   
  8. namespace MvcAuthentication {  
  9.     public class MyRoleProvider: RoleProvider {  
  10.         private int _cacheTimeoutInMinute = 20;  
  11.         public override void AddUsersToRoles(string[] usernames, string[] roleNames) {  
  12.             throw new NotImplementedException();  
  13.         }  
  14.   
  15.         public override string ApplicationName {  
  16.             get {  
  17.                 throw new NotImplementedException();  
  18.             }  
  19.             set {  
  20.                 throw new NotImplementedException();  
  21.             }  
  22.         }  
  23.   
  24.         public override void CreateRole(string roleName) {  
  25.             throw new NotImplementedException();  
  26.         }  
  27.   
  28.         public override bool DeleteRole(string roleName, bool throwOnPopulatedRole) {  
  29.             throw new NotImplementedException();  
  30.         }  
  31.   
  32.         public override string[] FindUsersInRole(string roleName, string usernameToMatch) {  
  33.             throw new NotImplementedException();  
  34.         }  
  35.   
  36.         public override string[] GetAllRoles() {  
  37.             throw new NotImplementedException();  
  38.         }  
  39.   
  40.         public override string[] GetRolesForUser(string username) {  
  41.             if (!HttpContext.Current.User.Identity.IsAuthenticated) {  
  42.                 return null;  
  43.             }  
  44.   
  45.             //check cache  
  46.             var cacheKey = string.Format("{0}_role", username);  
  47.             if (HttpRuntime.Cache[cacheKey] != null) {  
  48.                 return (string[]) HttpRuntime.Cache[cacheKey];  
  49.             }  
  50.             string[] roles = new string[] {};  
  51.             using(RBACEntities dc = new RBACEntities()) {  
  52.                 roles = (from a in dc.Roles  
  53.                 join b in dc.UserRoles on a.RoleID equals b.RoleID  
  54.                 join c in dc.Users on b.UserID equals c.UserID  
  55.                 where c.Username.Equals(username)  
  56.                 select a.ROleName).ToArray < string > ();  
  57.                 if (roles.Count() > 0) {  
  58.                     HttpRuntime.Cache.Insert(cacheKey, roles, null, DateTime.Now.AddMinutes(_cacheTimeoutInMinute), Cache.NoSlidingExpiration);  
  59.   
  60.                 }  
  61.             }  
  62.             return roles;  
  63.         }  
  64.   
  65.         public override string[] GetUsersInRole(string roleName) {  
  66.             throw new NotImplementedException();  
  67.         }  
  68.   
  69.         public override bool IsUserInRole(string username, string roleName) {  
  70.             var userRoles = GetRolesForUser(username);  
  71.             return userRoles.Contains(roleName);  
  72.         }  
  73.   
  74.         public override void RemoveUsersFromRoles(string[] usernames, string[] roleNames) {  
  75.             throw new NotImplementedException();  
  76.         }  
  77.   
  78.         public override bool RoleExists(string roleName) {  
  79.             throw new NotImplementedException();  
  80.         }  
  81.     }  
  82. }

MyMembershipProvider.cs

  1. using System;  
  2. using System.Collections.Generic;  
  3. using System.Linq;  
  4. using System.Web;  
  5. using System.Web.Security;  
  6.   
  7. namespace MvcAuthentication {  
  8.     public class MyMembershipProvider: MembershipProvider {  
  9.         public override string ApplicationName {  
  10.             get {  
  11.                 throw new NotImplementedException();  
  12.             }  
  13.             set {  
  14.                 throw new NotImplementedException();  
  15.             }  
  16.         }  
  17.   
  18.         public override bool ChangePassword(string username, string oldPassword, string newPassword) {  
  19.             throw new NotImplementedException();  
  20.         }  
  21.   
  22.         public override bool ChangePasswordQuestionAndAnswer(string username, string password, string newPasswordQuestion, string newPasswordAnswer) {  
  23.             throw new NotImplementedException();  
  24.         }  
  25.   
  26.         public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status) {  
  27.             throw new NotImplementedException();  
  28.         }  
  29.   
  30.         public override bool DeleteUser(string username, bool deleteAllRelatedData) {  
  31.             throw new NotImplementedException();  
  32.         }  
  33.   
  34.         public override bool EnablePasswordReset {  
  35.             get {  
  36.                 throw new NotImplementedException();  
  37.             }  
  38.         }  
  39.   
  40.         public override bool EnablePasswordRetrieval {  
  41.             get {  
  42.                 throw new NotImplementedException();  
  43.             }  
  44.         }  
  45.   
  46.         public override MembershipUserCollection FindUsersByEmail(string emailToMatch, int pageIndex, int pageSize, out int totalRecords) {  
  47.             throw new NotImplementedException();  
  48.         }  
  49.   
  50.         public override MembershipUserCollection FindUsersByName(string usernameToMatch, int pageIndex, int pageSize, out int totalRecords) {  
  51.             throw new NotImplementedException();  
  52.         }  
  53.   
  54.         public override MembershipUserCollection GetAllUsers(int pageIndex, int pageSize, out int totalRecords) {  
  55.             throw new NotImplementedException();  
  56.         }  
  57.   
  58.         public override int GetNumberOfUsersOnline() {  
  59.             throw new NotImplementedException();  
  60.         }  
  61.   
  62.         public override string GetPassword(string username, string answer) {  
  63.             throw new NotImplementedException();  
  64.         }  
  65.   
  66.         public override MembershipUser GetUser(string username, bool userIsOnline) {  
  67.             throw new NotImplementedException();  
  68.         }  
  69.   
  70.         public override MembershipUser GetUser(object providerUserKey, bool userIsOnline) {  
  71.             throw new NotImplementedException();  
  72.         }  
  73.   
  74.         public override string GetUserNameByEmail(string email) {  
  75.             throw new NotImplementedException();  
  76.         }  
  77.   
  78.         public override int MaxInvalidPasswordAttempts {  
  79.             get {  
  80.                 throw new NotImplementedException();  
  81.             }  
  82.         }  
  83.   
  84.         public override int MinRequiredNonAlphanumericCharacters {  
  85.             get {  
  86.                 throw new NotImplementedException();  
  87.             }  
  88.         }  
  89.   
  90.         public override int MinRequiredPasswordLength {  
  91.             get {  
  92.                 throw new NotImplementedException();  
  93.             }  
  94.         }  
  95.   
  96.         public override int PasswordAttemptWindow {  
  97.             get {  
  98.                 throw new NotImplementedException();  
  99.             }  
  100.         }  
  101.   
  102.         public override MembershipPasswordFormat PasswordFormat {  
  103.             get {  
  104.                 throw new NotImplementedException();  
  105.             }  
  106.         }  
  107.   
  108.         public override string PasswordStrengthRegularExpression {  
  109.             get {  
  110.                 throw new NotImplementedException();  
  111.             }  
  112.         }  
  113.   
  114.         public override bool RequiresQuestionAndAnswer {  
  115.             get {  
  116.                 throw new NotImplementedException();  
  117.             }  
  118.         }  
  119.   
  120.         public override bool RequiresUniqueEmail {  
  121.             get {  
  122.                 throw new NotImplementedException();  
  123.             }  
  124.         }  
  125.   
  126.         public override string ResetPassword(string username, string answer) {  
  127.             throw new NotImplementedException();  
  128.         }  
  129.   
  130.         public override bool UnlockUser(string userName) {  
  131.             throw new NotImplementedException();  
  132.         }  
  133.   
  134.         public override void UpdateUser(MembershipUser user) {  
  135.             throw new NotImplementedException();  
  136.         }  
  137.   
  138.         // Here In this example we will use only ValidateUser method, we will see remaining later like create user,  
  139.         //update user change password and more  
  140.   
  141.         public override bool ValidateUser(string username, string password) {  
  142.             //Will write code for validate user from our own database  
  143.             using(RBACEntities dc = new RBACEntities()) {  
  144.                 var user = dc.Users.Where(a = > a.Username.Equals(username) && a.Password.Equals(password)).FirstOrDefault();  
  145.                 if (user != null) {  
  146.                     return true;  
  147.                 }  
  148.             }  
  149.             return false;  
  150.         }  
  151.     }  
  152. }

Step 10: Web Config File.

code
  • Rolebased Login Page Access in MVC
Up Next
.NET How to redirect to the login page automatically when session timeout in asp.net C#
Ebook Download
View all
C# Corner Ebook
ASP.NET Core New
Read by 0 people
Download Now!
Learn
View all
Learn Image
ASP.NET MVC
Get Started

You need to be a premium member to use this feature. To access it, you'll have to upgrade your membership.

Become a sharper developer and jumpstart your career.

Basic

$0

$

. 00

monthly

Sign-Up Now

For Basic members:

  • Standard Profile
  • Access learning courses
  • Access free e-books
  • 1x point
Premium

$20

$

. 00

monthly

Sign-Up Now

For Premium members:

  • Earn 2x reward points
  • Premium profile with Verified check
  • Premium Avatar with status update
  • Learning courses
  • Unlimited Certifications and badges on profile
  • Unlimited Book downloads
  • Access to Premium content
  • Online Training
  • Unlimited PDF conversions and downloads
  • Professional Resume Writing
  • Interview Preparations Guide
  • 25 messages per month
  • 1 "Kodzu" avatar, basic
Elite

$45

$

. 00

monthly

Sign-Up Now

For Elite members:

  • Bundle E-books
  • Access to all Learn Series
  • Unlimited Apply Jobs
Leaderboard
View all
Baibhav Kumar

Baibhav Kumar
+0
Shivam Payasi

Shivam Payasi
+0
Reshab Kumar Singh

Reshab Kumar Singh
+0
View all
Yesterday's leader
Baibhav Kumar  
Baibhav Kumar
HTML, CSS, JavaScript, Bootstrap, Wordpress, Python, Java, C, C++, BigData, MongoDB, MySQL, Blazor, .Net, Linux, AS
Gurugram (India)
4
2.3k
28.6k
10
Member of the month
Rinki  
Rinki
Chennai (India)
15
5.5k
14.8k
50
Speaker of the month
Shivam Payasi  
Shivam Payasi
C#, .NET
Chitrakoot (India)
8
21.2k
19.3k
10
Upcoming events
View all
  • Bhubaneswar Chapter
  • Building Websites with Microsoft Power Pages: Exploring WebPage, WebTemplate, and Page Templates - Microsoft Business Application Ep. 25
Suggested for you
View all
James Tomar James Tomar
Follow
Alistair Cook Alistair Cook
Follow
John Miller John Miller
Follow
Mahesh Chand Mahesh Chand
Follow
Rathrola Prem Kumar Rathrola Prem Kumar
Follow

CSharpBot

About Us Contact Us Privacy Policy Terms Media Kit Partners C# Tutorials Consultants Ideas Report A Bug FAQs Certifications Sitemap Stories CSharp TV DB Talks Let's React Web3 Universe Interviews.help Jumpstart Blockchain Build with JavaScript

©2024 C# Corner.

All contents are copyright of their authors.