Authenticating ASP.NET MVC user from a WPF application

Question

How can I authenticate a user (with username and password) of an ASP.NET MVC application? I'm trying to do this using WebClient, passing NetworkCredentials, posting the request to the ASP.NET MVC application from my WPF client. How do I handle this request on the server? How do I get the passed username and password?

I'm using forms authentication in the ASP.NET MVC app (the default that is created with a new project).

Answer 1

Forms authentication works in two steps:

1. The user goes to the LogIn page and enters his username and password and sends them to the server
2. The server verifies them and if they are correct it emits an authentication cookie which is sent to the client. The client stores this cookie and sends it along each subsequent requests to the server.

So to achieve this in a WPF application you will need to first obtain an authentication cookie. So first send a POST request to the LogIn page along with the username and password and read the returned cookie (For this you need to set the CookieContainer property on the HttpWebRequest for it to be able to catch the cookie). Once you have the cookie you reuse the cookie container in subsequent calls to authenticated pages.

You may checkout this sample code to assist you (just replace the addresses and parameter names).

Answer 2

This code worked for me, using Darin's approach and the WebClientEx class from their link. My WPF form has to authenticate to the MVC app and store the returned authentication cookie's name and value in static properties CookieName and CookieValue. The CreateUser() function is then able to access a secured action in the MVC app.

    //************************************************
    //************************************************
    private void Authenticate(object sender, RoutedEventArgs e)
    {
        using (var client = new WebClientEx())
        {
            var values = new NameValueCollection
            {
                { "UserName", "xxx" },
                { "Password", "yyy" },
            };

            var byteResponse = client.UploadValues("http://localhost/MyMvcApp/Account/Login", values);
            var responseString = Encoding.ASCII.GetString(byteResponse); //debugging

            CookieCollection authCookie = client.CookieContainer.GetCookies(new Uri("http://localhost/"));
            if (authCookie.Count > 0)
            {
                CookieName = authCookie[0].Name;
                CookieValue = authCookie[0].Value;
            }
        }
    }

    //************************************************
    //************************************************
    private void CreateUser(object sender, RoutedEventArgs e)
    {
        using (var client = new WebClientEx())
        {
            var user = new NameValueCollection
            {
                {"FirstName" , "Xavier"},
                {"LastName" , "McLann"},
                {"EmailAddress" , "xavier@aol.com"},
                {"Phone" , "234445585"}
            };

            if (!String.IsNullOrEmpty(CookieName) && !String.IsNullOrEmpty(CookieValue))
                client.CookieContainer.Add(new Cookie(CookieName, CookieValue,"/","localhost"));

            var byteResponse = client.UploadValues("http://localhost/MyMvcApp/Home/Create", user);
            var responseString = Encoding.ASCII.GetString(byteResponse); //debugging
        }
    }