Try this, I hope it will help you.
[AllowAnonymous]
public ActionResult Login(string returnUrl)
{
ViewBag.ReturnUrl = returnUrl;
return View();
}
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
if (ModelState.IsValid)
{
var user = MyViewModels.checkUser(model.UserName, model.Password);
if (user!=null)
{
SignInAsync();
return RedirectToAction("Welcome");
}
else
{
ModelState.AddModelError("", "Invalid username or password.");
}
}
return View(model);
}
private void SignInAsync()
{
var claims = new List<Claim>();
claims.Add(new Claim(ClaimTypes.Name, "UserName"));
claims.Add(new Claim(ClaimTypes.Email, "User@mail.com"));
var id = new ClaimsIdentity(claims,
DefaultAuthenticationTypes.ApplicationCookie);
var ctx = Request.GetOwinContext();
var authenticationManager = ctx.Authentication;
authenticationManager.SignIn(id);
}
[Authorize]
public ActionResult Welcome()
{
return View();
}
If you add [Authorize] attribute in the action, then it will redirect only the user name and password is authorize
Function to get user name and password from database
public static UserTable checkUser(string userName, string password)
{
DemoEntities db = new DemoEntities();
var query = (from u in db.UserTables
where u.UserName == userName && u.Password == password
select u).FirstOrDefault();
if(query!=null)
return query;
else
return null;
}