Authentication / Authorization in Hot Towel Template

Question

How can I provide authentication / authorization for an asp.net mvc 4 web application that is built on Hot Towel template. All the views are considered as html pages. In this case how can I redirect my user to login view when s/he requests a view that needs specific credentials?

Answer 1

In a project of mine I used CodeFirst Membership Provider along with AccountController from the BreezeJS sample project. As for redirecting, try building a global library that checks if a user is logged in on every module activate call, and if the authentication fails, redirect them to login page.

Answer 2

You can do that in your viewmodel js files and adding attributes to web api controllers. In the viewmodel's activate function when you go to the webserver to pull data, you can secure your API call by adding attributes which will ensure that the API call is executed only when the user is authenticated. In case the user is not authenticated you can return appropriate Response message or 401 or 403 message type. ViewModel can interpret this response type and redirect the user to login view.

Answer 3

Take a look at the ASP.NET SPA template, which uses the standard MVC authentication. You can take the authentication code from there and put it into the Hot towel project.