Create default Role and Admin User
Firstly, create default user role like “Admin”,”Manager”, etc and
also we will create a default admin user. We will be creating all default roles
and user in “Startup.cs”
OWIN (OPEN WEB Interface for .NET) defines a standard interface
between .NET and WEB Server and each OWIN application has a Startup Class where
we can specify components.
In “Startup.cs” file we can find
the Configuration method. From this method we will be calling our createRolesandUsers() method
to create a default user role and user. We will check for Roles already
created or not. If Roles, like Admin, is not created, then we will create a new
Role as “Admin” and we will create a default user and set the user role as
Admin. We will be using this user as super user where the user can create new
roles from our MVC application.
public void Configuration(IAppBuilder app)
{
ConfigureAuth(app);
createRolesandUsers();
}
// In this method we will create default User roles and Admin user for login
private void createRolesandUsers()
{
ApplicationDbContext context = new ApplicationDbContext();
var roleManager = new RoleManager<IdentityRole>(new RoleStore<IdentityRole>(context));
var UserManager = new UserManager<ApplicationUser>(new UserStore<ApplicationUser>(context));
// In Startup iam creating first Admin Role and creating a default Admin User
if (!roleManager.RoleExists("Admin"))
{
// first we create Admin rool
var role = new Microsoft.AspNet.Identity.EntityFramework.IdentityRole();
role.Name = "Admin";
roleManager.Create(role);
//Here we create a Admin super user who will maintain the website
var user = new ApplicationUser();
user.UserName = "shanu";
user.Email = "syedshanumcain@gmail.com";
string userPWD = "A@Z200711";
var chkUser = UserManager.Create(user, userPWD);
//Add default User to Role Admin
if (chkUser.Succeeded)
{
var result1 = UserManager.AddToRole(user.Id, "Admin");
}
}
// creating Creating Manager role
if (!roleManager.RoleExists("Manager"))
{
var role = new Microsoft.AspNet.Identity.EntityFramework.IdentityRole();
role.Name = "Manager";
roleManager.Create(role);
}
// creating Creating Employee role
if (!roleManager.RoleExists("Employee"))
{
var role = new Microsoft.AspNet.Identity.EntityFramework.IdentityRole();
role.Name = "Employee";
roleManager.Create(role);
}
}
When we run our application we can see new default ASP.NET user
related tables will be created in our AttendanceDB Database. Here we
can see in the following image as all ASP.NET user related tables will be
automatically created when we run our application and also all our default user
roles will be inserted in AspNetRoles table and default admin user will be
created in AspNetUsers table.
By default for user registration in ASP.NET MVC 5 we can use Email
and passoword. Here, we will customize the default user registration with
adding a username and a ComboBox to display the user roles. User can enter
their username and select there user role during registration.
View Part: Firstly, add a TextBox for
username and ComboBox for displaying User Role in Register.cshtml,
Double click the Register.cshtml and
change the html code like the following to add textbox and combobox with
caption. Here we can see first we add a textbox and Combobox .We bind the
combobox with (SelectList) ViewBag.Name.
HTML
@model shanuMVCUserRoles.Models.RegisterViewModel
@{
ViewBag.Title = "Register";
}
<h2>@ViewBag.Title.</h2>
@using (Html.BeginForm("Register", "Account", FormMethod.Post, new { @class = "form-horizontal", role = "form" }))
{
@Html.AntiForgeryToken()
<h4>Create a new account.</h4>
<hr />
@Html.ValidationSummary("", new { @class = "text-danger" })
<div class="form-group">
@Html.LabelFor(m => m.Email, new { @class = "col-md-2 control-label" })
<div class="col-md-10">
@Html.TextBoxFor(m => m.Email, new { @class = "form-control" })
</div>
</div>
<div class="form-group">
@Html.LabelFor(m => m.UserName, new { @class = "col-md-2 control-label" })
<div class="col-md-10">
@Html.TextBoxFor(m => m.UserName, new { @class = "form-control" })
</div>
</div>
<div class="form-group">
@Html.LabelFor(m => m.Password, new { @class = "col-md-2 control-label" })
<div class="col-md-10">
@Html.PasswordFor(m => m.Password, new { @class = "form-control" })
</div>
</div>
<div class="form-group">
@Html.LabelFor(m => m.ConfirmPassword, new { @class = "col-md-2 control-label" })
<div class="col-md-10">
@Html.PasswordFor(m => m.ConfirmPassword, new { @class = "form-control" })
</div>
</div>
<div class="form-group">
@Html.Label("user Role", new { @class = "col-md-2 control-label" })
<div class="col-md-10">
@*@Html.DropDownList("Name")*@
@Html.DropDownList("UserRoles", (SelectList)ViewBag.Name, " ")
</div>
</div>
<div class="form-group">
<div class="col-md-offset-2 col-md-10">
<input type="submit" class="btn btn-default" value="Register" />
</div>
</div>
}
@section Scripts {
@Scripts.Render("~/bundles/jqueryval")
}
Model Part
Next in AccountViewModel.cs check for the
RegisterViewModel and add the UserRoles and UserName properties with required
for validation.
Double click the AccountViewModel.cs file from
Models folder, find the RegisterViewModel class, add UserName and UserRoles
properties as in the following.
C#
public class RegisterViewModel
{
[Required]
[Display(Name = "UserRoles")]
public string UserRoles { get; set; }
[Required]
[EmailAddress]
[Display(Name = "Email")]
public string Email { get; set; }
[Required]
[Display(Name = "UserName")]
public string UserName { get; set; }
[Required]
[StringLength(100, ErrorMessage = "The {0} must be at least {2} characters long.", MinimumLength = 6)]
[DataType(DataType.Password)]
[Display(Name = "Password")]
public string Password { get; set; }
[DataType(DataType.Password)]
[Display(Name = "Confirm password")]
[Compare("Password", ErrorMessage = "The password and confirmation password do not match.")]
public string ConfirmPassword { get; set; }
}
Controller Part
Next in AccountController.cs first we get all the
role names to be bound in ComboBox except Admin role and in register button
click we will add the functionality to insert username and set user selected
role in ASP.NET identity database.
Firstly, create an object for our ApplicationDBContext. Here,
ApplicationDBContext is a class which is used to perform all ASP.NET Identity
database functions like create user, roles, etc.
C#
ApplicationDbContext context;
public AccountController()
{
context = new ApplicationDbContext();
}
Register ActionResult method:
Using the ApplicationDBConterxt object we will get
all the roles from database. For user registration we will not display the
Admin roles. User can select rest of any role type during registration.
C#
// GET: /Account/Register
[AllowAnonymous]
public ActionResult Register()
{
ViewBag.Name = new SelectList(context.Roles.Where(u => !u.Name.
Contains("Admin")).ToList(), "Name", "Name");
return View();
}
Register User
By default the user email will be stored as username in AspNetUsers table. Here
we will change to store the user entered name. After user was created
successfully we will set the user selected role for the user.
C#
// POST: /Account/Register
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public async Task<ActionResult> Register(RegisterViewModel model)
{
if (ModelState.IsValid)
{
var user = new ApplicationUser { UserName = model.UserName, Email = model.Email }; var result = await UserManager.CreateAsync(user, model.Password);
if (result.Succeeded)
{
await SignInManager.SignInAsync(user, isPersistent: false, rememberBrowser: false);
// For more information on how to enable account confirmation and password reset please visit http://go.microsoft.com/fwlink/?LinkID=320771
// Send an email with this link
// string code = await UserManager.GenerateEmailConfirmationTokenAsync(user.Id);
// var callbackUrl = Url.Action("ConfirmEmail", "Account", new { userId = user.Id, code = code }, protocol: Request.Url.Scheme);
//await UserManager.SendEmailAsync(user.Id, "Confirm your account", "Please confirm your account by clicking <a href=\"" + callbackUrl + "\">here</a>");
//Assign Role to user Here
await this.UserManager.AddToRoleAsync(user.Id, model.UserRoles);
//Ends Here
return RedirectToAction("Index", "Users");
}
ViewBag.Name = new SelectList(context.Roles.Where(u => !u.Name.Contains("Admin")).
ToList(), "Name", "Name");
AddErrors(result);
}
// If we got this far, something failed, redisplay form
return View(model);
}
Customize User login
In the same way as user registration we will customize user login to
change email as username to enter. By default in ASP.NET MVC 5 for login user
needs to enter Email and password. Here we will customize for user by entering
username and password. In this demo we are not using any other Facebook, Gmail
or Twitter login so we will be using UserName instead of Email.
View Part
Here we will change the email with UserName in Login.cshtml. We can find the Login.cshtml file from the
folder inside Views/Account/Login.cshtml.
C#
@using shanuMVCUserRoles.Models
@model LoginViewModel
@{
ViewBag.Title = "Log in";
}
<h2>@ViewBag.Title</h2>
<div class="row">
<div class="col-md-8">
<section id="loginForm">
@using (Html.BeginForm("Login", "Account", new { ReturnUrl = ViewBag.ReturnUrl }, FormMethod.Post, new { @class = "form-horizontal", role = "form" }))
{
@Html.AntiForgeryToken()
<h4>Use a local account to log in.</h4>
<hr />
@Html.ValidationSummary(true, "", new { @class = "text-danger" })
<div class="form-group">
@Html.LabelFor(m => m.UserName, new { @class = "col-md-2 control-label" })
<div class="col-md-10">
@Html.TextBoxFor(m => m.UserName, new { @class = "form-control" })
@Html.ValidationMessageFor(m => m.UserName, "", new { @class = "text-danger" })
</div>
</div>
<div class="form-group">
@Html.LabelFor(m => m.Password, new { @class = "col-md-2 control-label" })
<div class="col-md-10">
@Html.PasswordFor(m => m.Password, new { @class = "form-control" })
@Html.ValidationMessageFor(m => m.Password, "", new { @class = "text-danger" })
</div>
</div>
<div class="form-group">
<div class="col-md-offset-2 col-md-10">
<div class="checkbox">
@Html.CheckBoxFor(m => m.RememberMe)
@Html.LabelFor(m => m.RememberMe)
</div>
</div>
</div>
<div class="form-group">
<div class="col-md-offset-2 col-md-10">
<input type="submit" value="Log in" class="btn btn-default" />
</div>
</div>
<p>
@Html.ActionLink("Register as a new user", "Register")
</p>
@* Enable this once you have account confirmation enabled for password reset functionality
<p>
@Html.ActionLink("Forgot your password?", "ForgotPassword")
</p>*@
}
</section>
</div>
<div class="col-md-4">
<section id="socialLoginForm">
@Html.Partial("_ExternalLoginsListPartial", new ExternalLoginListViewModel { ReturnUrl = ViewBag.ReturnUrl })
</section>
</div>
</div>
@section Scripts {
@Scripts.Render("~/bundles/jqueryval")
}
Model Part
Same as Registration in AccountViewModel we need to find the
loginViewModel to change the Email with UserName,
Here in the following code we can see that we have changed the Email
property to UserName.
C#
public class LoginViewModel
{
[Required]
[Display(Name = "UserName")]
public string UserName { get; set; }
[Required]
[DataType(DataType.Password)]
[Display(Name = "Password")]
public string Password { get; set; }
[Display(Name = "Remember me?")]
public bool RememberMe { get; set; }
}
Controller Part:
In login button click we need to change the email with username to check from
database for user Authentication. Here in the following code we can see as we
changed the email with username after successful login we will be redirect to
the user page. Next we will see how to create a user page and display the text
and menu by user role.
C#
// POST: /Account/Login
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
if (!ModelState.IsValid)
{
return View(model);
}
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, change to shouldLockout: true
var result = await SignInManager.PasswordSignInAsync(model.UserName, model.Password, model.RememberMe, shouldLockout: false);
switch (result)
{
case SignInStatus.Success:
return RedirectToLocal(returnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.RequiresVerification:
return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Invalid login attempt.");
return View(model);
}
}
//
// GET: /Account/VerifyCode
[AllowAnonymous]
public async Task<ActionResult> VerifyCode(string provider, string returnUrl, bool rememberMe)
{
// Require that the user has already logged in via username/password or external login
if (!await SignInManager.HasBeenVerifiedAsync())
{
return View("Error");
}
return View(new VerifyCodeViewModel { Provider = provider, ReturnUrl = returnUrl, RememberMe = rememberMe });
}
Authenticated and Authorized User page
Here we create a new page for displaying message of Authenticated and
Authorized user by their role.
If the logged in user role is Admin, then we will display the welcome
message for Admin and display the menu forcreating new roles.
If the logged in users roles are Manager, Employee, Accounts, etc. then
we will display a welcome message for them.
Firstly, create a new Empty Controller named “userscontroller.cs”. In this controller first we add the [Authorize]
at the top of controller for checking the valid users.
Creating our View: Right click on index ActionResult and create a view .
In view we check for the ViewBag.displayMenu value. If the value is
“Yes", then we display the Admin
welcome message and a link for creating new Menu. If the ViewBag.displayMenu is “No, then display other
users name with welcome message.
HTML
@{
ViewBag.Title = "Index";
}
@if (ViewBag.displayMenu == "Yes")
{
<h1>Welcome Admin. Now you can create user Role.</h1>
<h3>
<li>@Html.ActionLink("Manage Role", "Index", "Role")</li>
</h3>
}
else
{
<h2> Welcome <strong>@ViewBag.Name</strong> :) .We will add user module soon </h2>
}
Controller part
In controller we will check the user is logged in to the system or not.
If the user did not log in, then
Display the message as “Not Logged In” and if the user is
authenticated, then we check the logged in users role. If the users role is
“Admin", then we set ViewBag.displayMenu =
"Yes", else we setViewBag.displayMenu = "No".
C#
public ActionResult Index()
{
if (User.Identity.IsAuthenticated)
{
var user = User.Identity;
ViewBag.Name = user.Name;
ViewBag.displayMenu = "No";
if (isAdminUser())
{
ViewBag.displayMenu = "Yes";
}
return View();
}
else
{
ViewBag.Name = "Not Logged IN";
}
return View();
}
For checking the user is logged in we create method and return the
Boolean value to our main Index method.
C#
public Boolean isAdminUser()
{
if (User.Identity.IsAuthenticated)
{
var user = User.Identity;
ApplicationDbContext context = new ApplicationDbContext();
var UserManager = new UserManager<ApplicationUser>(new UserStore<ApplicationUser>(context));
var s = UserManager.GetRoles(user.GetUserId());
if (s[0].ToString() == "Admin")
{
return true;
}
else
{
return false;
}
}
return false;
}
Admin users can create Roles
We already saw that if the Admin user is logged in then we will display
the link for creating new users. For admin login we have already created a
default user with UserName as "shanu" and password
as "A@Z200711",
For creating user role by admin first we will add a new empty controller
and named it RoleController.cs,
In this controller we check that the user role is Admin. If the logged
in user role is Admin, then we will get all the role names
using ApplicationDbContext object.
C#
public ActionResult Index()
{
if (User.Identity.IsAuthenticated)
{
if (!isAdminUser())
{
return RedirectToAction("Index", "Home");
}
}
else
{
return RedirectToAction("Index", "Home");
}
var Roles = context.Roles.ToList();
return View(Roles);
}
In view we bind all the user roles inside html table.
HTML
@model IEnumerable<Microsoft.AspNet.Identity.EntityFramework.IdentityRole>
@{
ViewBag.Title = "Add Role";
}
<table style=" background-color:#FFFFFF; border: dashed 3px #6D7B8D; padding: 5px;width: 99%;table-layout:fixed;" cellpadding="6" cellspacing="6">
<tr style="height: 30px; background-color:#336699 ; color:#FFFFFF ;border: solid 1px #659EC7;">
<td align="center" colspan="2">
<h2> Create User Roles</h2>
</td>
</tr>
<tr>
<td>
<table id="tbrole" style="width:100%; border:dotted 1px; background-color:gainsboro; padding-left:10px;">
@foreach (var item in Model)
{
<tr>
<td style="width:100%; border:dotted 1px;">
@item.Name
</td>
</tr>}
</table>
</td>
<td align="right" style="color:#FFFFFF;padding-right:10;">
<h3> @Html.ActionLink("Click to Create New Role", "Create", "Role") </h3>
</td>
</tr>
</table>
More Information
Firstly, create a sample AttendanceDB Database in your SQL Server. In
the Web.Config file change the DefaultConnection connection string with your
SQL Server Connections. In Startup.cs file I have created default Admin user
with UserName "shanu" and password "A@Z200711." This UserName and password will be used
to login as Admin user. You can change this user name and password as you like.
For security reason after log in as Admin you can change the Admin user
password as you like,