I have been working with ASP.NET Core for quite some time now, and one of the most common requirements in web development projects is to implement a login page with Windows authentication. In this article, I will guide you through the process of creating an ASP.NET Core login page that utilizes Windows authentication.
What is Windows Authentication?
Windows authentication is a secure and widely-used authentication mechanism that allows users to log in to a website using their Windows credentials. It negates the need for users to remember another set of login credentials and provides a seamless login experience.
Creating the ASP.NET Core Project
Before we dive into the implementation details, let’s create a new ASP.NET Core project. Open your favorite IDE, and follow these steps:
- Create a new ASP.NET Core project using the
dotnet new
command. - Specify the project type as ‘web’ using the
--type web
option. - Choose your preferred project name and location.
- Navigate to the project directory using the
cd
command. - Run the project using the
dotnet run
command. - Open your web browser and navigate to https://localhost:5001 to make sure everything is working correctly.
Enabling Windows Authentication
Now that we have our ASP.NET Core project up and running, it’s time to enable Windows authentication. Follow these steps:
- Open the
Startup.cs
file in your IDE. - In the
ConfigureServices
method, add the following code:
services.AddAuthentication(IISDefaults.AuthenticationScheme);
- In the
Configure
method, add the following code:
app.UseAuthentication();
This code configures the ASP.NET Core application to use Windows authentication for authenticating users.
Creating the Login Page
Now that the authentication is configured, we can proceed with creating the login page. Add a new Razor view to your project using the following steps:
- Right-click on the ‘Views’ folder in your project.
- Select ‘Add’ and then ‘View’.
- Choose a name for your view and make sure to select the ‘Empty’ template.
- In the view file, add the following code:
@page
@model LoginModel
Welcome to the Login Page
Please enter your Windows username and password to log in:
This code creates a simple login form with text input fields for the username and password, and a submit button to log in.
Handling the Login Request
Now that we have our login page ready, let’s handle the login request. Add a new Razor page model to your project using the following steps:
- Right-click on the ‘Pages’ folder in your project.
- Select ‘Add’ and then ‘Razor Page’.
- Choose a name for your page and make sure to select the ‘PageModel’ template.
- In the page model file, add the following code:
using System.Security.Claims;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.RazorPages;
public class LoginModel : PageModel
{
[BindProperty]
public string Username { get; set; }
[BindProperty]
public string Password { get; set; }
public IActionResult OnPost()
{
if (IsValidUser(Username, Password))
{
var claims = new[] { new Claim(ClaimTypes.Name, Username), new Claim(ClaimTypes.Role, "User") };
var identity = new ClaimsIdentity(claims, "UserIdentity");
var principal = new ClaimsPrincipal(identity);
HttpContext.SignInAsync(principal).Wait();
return RedirectToPage("/Index");
}
return Page();
}
private bool IsValidUser(string username, string password)
{
// Replace this logic with your own authentication logic,
// such as querying a database or validating against Active Directory.
// For demonstration purposes, we will assume any non-empty username and password are valid.
return !string.IsNullOrEmpty(username) && !string.IsNullOrEmpty(password);
}
}
This code handles the login request and performs basic user authentication. Replace the IsValidUser
method with your own authentication logic, such as querying a database or validating against an Active Directory.
Conclusion
Implementing a login page with Windows authentication in ASP.NET Core is a seamless and secure way to allow users to log in using their Windows credentials. By following the steps outlined in this article, you can easily create a login page that integrates with Windows authentication and provides a smooth user experience.