C# Corner

ASP.NET Core Security, Part 1

To start my series on ASP.NET Core security, I'll show how to set up authentication to register, log in and log out a user account in an ASP.NET Core MVC application. To get started, open Visual Studio 2017 and create a new ASP.NET Core Web Application as seen in Figure 1.

Create New ASP.NET Core Web App
[Click on image for larger view.] Figure 1. Create New ASP.NET Core Web App

Next click on the Change Authentication button on the next dialog as seen in Figure 2.

Change Authentication Dialog
[Click on image for larger view.] Figure 2. Change Authentication Dialog

Then change the authentication type to "Individual User Accounts" as seen in Figure 3.

Individual User Accounts Setting
[Click on image for larger view.] Figure 3. Individual User Accounts Setting

Next click the OK button to create the new ASP.NET Core Web Application as seen in Figure 4.

Create App with Authentication Set
[Click on image for larger view.] Figure 4. Create App with Authentication Set

Next we are going to create the database for our application. Go to Tools |NuGet Package Manager | Package Manager Console as seen in Figure 5.

Open Package Manger Console
[Click on image for larger view.] Figure 5. Open Package Manger Console

Then run the "Update-Database" command in the console.

Your app is now configured to allow a user to register a user, log in an existing user and log out an existing user. To test this functionality, first register a new user by clicking on the Register link as seen in Figure 6.

Finished App
[Click on image for larger view.] Figure 6. Finished App

Once you click on the Register link you should see the User Registration page as seen in Figure 7.

Register User
[Click on image for larger view.] Figure 7. Register User

After you register a user you'll see that you're automatically logged in as seen in Figure 8.

Logged In!
[Click on image for larger view.] Figure 8. Logged In!

Now you can test out logging out a user by clicking on the Logout link in Figure 8. Lastly, test out the Login functionality by clicking on the Login link from Figure 7. You should now see the Login form as seen in Figure 9.

Login an Existing User
[Click on image for larger view.] Figure 9. Log in an Existing User

In this intro to the ASP.NET Core security series, I've shown you how easy it is to use the built-in authentication provider in ASP.NET Core. Stay tuned for the next installment where I'll show you how to put pages behind log in and create user roles, and use existing roles to restrict access to pages.

About the Author

Eric Vogel is a Senior Software Developer for Red Cedar Solutions Group in Okemos, Michigan. He is the president of the Greater Lansing User Group for .NET. Eric enjoys learning about software architecture and craftsmanship, and is always looking for ways to create more robust and testable applications. Contact him at [email protected].

comments powered by Disqus

Featured

  • Compare New GitHub Copilot Free Plan for Visual Studio/VS Code to Paid Plans

    The free plan restricts the number of completions, chat requests and access to AI models, being suitable for occasional users and small projects.

  • Diving Deep into .NET MAUI

    Ever since someone figured out that fiddling bits results in source code, developers have sought one codebase for all types of apps on all platforms, with Microsoft's latest attempt to further that effort being .NET MAUI.

  • Copilot AI Boosts Abound in New VS Code v1.96

    Microsoft improved on its new "Copilot Edit" functionality in the latest release of Visual Studio Code, v1.96, its open-source based code editor that has become the most popular in the world according to many surveys.

  • AdaBoost Regression Using C#

    Dr. James McCaffrey from Microsoft Research presents a complete end-to-end demonstration of the AdaBoost.R2 algorithm for regression problems (where the goal is to predict a single numeric value). The implementation follows the original source research paper closely, so you can use it as a guide for customization for specific scenarios.

  • Versioning and Documenting ASP.NET Core Services

    Building an API with ASP.NET Core is only half the job. If your API is going to live more than one release cycle, you're going to need to version it. If you have other people building clients for it, you're going to need to document it.

Most   Popular

Subscribe on YouTube