ASP.NET MVC - Security
To learn ASP.NET MVC, we are Building an Internet Application.
Part VIII: Adding Security.
MVC Application Security
The Models Folder contains the classes that represent the application model.
Visual Web Developer automatically creates an AccountModels.cs file that contains the models for application authentication.
AccountModels contains a LogOnModel, a ChangePasswordModel, and a RegisterModel:
The Change Password Model
public class ChangePasswordModel
{
[Required]
[DataType(DataType.Password)]
[Display(Name = "Current password")]
public string OldPassword { get;
set; }
[Required]
[StringLength(100, ErrorMessage = "The {0}
must be at least {2} characters long.",
MinimumLength = 6)]
[DataType(DataType.Password)]
[Display(Name =
"New password")]
public string NewPassword { get; set; }
[DataType(DataType.Password)]
[Display(Name = "Confirm new password")]
[Compare("NewPassword",
ErrorMessage = "The new password and confirmation password do not
match.")]
public string ConfirmPassword { get; set; }
}
The Logon Model
public class LogOnModel
{
[Required]
[Display(Name = "User
name")]
public string UserName { get; set; }
[Required]
[DataType(DataType.Password)]
[Display(Name = "Password")]
public string Password { get; set; }
[Display(Name = "Remember me?")]
public bool RememberMe { get;
set; }
}
The Register Model
public class RegisterModel
{
[Required]
[Display(Name =
"User name")]
public string UserName { get; set; }
[Required]
[DataType(DataType.EmailAddress)]
[Display(Name = "Email address")]
public string Email { get; set; }
[Required]
[StringLength(100,
ErrorMessage = "The {0} must be at least {2} characters long.",
MinimumLength = 6)]
[DataType(DataType.Password)]
[Display(Name =
"Password")]
public string Password { get; set; }
[DataType(DataType.Password)]
[Display(Name = "Confirm password")]
[Compare("Password",
ErrorMessage = "The password and confirmation password do not match.")]
public string ConfirmPassword { get; set; }
}