Authenticating The URL in ASP.NET MVC

Question

I am doing a project in asp.net MVC (web application). I have a doubt about that. please help me.

Eg: I have a 'LOGIN' Page as my first page, in that Additional two pages named 'Home', 'About'.

When I launch my application in ISS Express, it will load "Localhost:12345".

ie. Login Page.

Then when I Click "Login" button -> Home page (Localhost:12345/Home)

When I Click "About" Link -> About Page (Locahost:12345/About)

My Question is .:

When I give URL of (Locahost:12345/About) directly in the browser, it will load directly to About Page without asking Login.

I need to redirect my URL to Login Page if some other URL name (Home or About Page). Only after the main page(Loginpage) I need to go to other pages by clicking the respective button.

what is the Proper method to do this concept?

Anybody, please help me.

Answer 1

You can use simple forms authentication. Just add FormsAuthentication.SetAuthCookie(username, false); after you've authenticated the user in your action method, add the following in your web.config

<authentication mode="Forms">
  <forms loginUrl="(Your_login_controller)" slidingExpiration="true" timeout="2880"></forms>
</authentication>

Then you can use [Authorize] attribute on the controllers on which you don't want unauthorized access.

Answer 2

You need to add [Authorize] attribute to controllers which you want to be loaded if authenticated.