Question

In: Computer Science

Create a new ASP.NET using MVC. Set the application to SSL Enabled Implement an external login...

  1. Create a new ASP.NET using MVC.
  2. Set the application to SSL Enabled
  3. Implement an external login provider Facebook.

Solutions

Expert Solution

Step 0 – Registering your website with Facebook

Before you can have users sign in to your website using Facebook, Facebook needs to know about your website.

To do that go to Facebook’s developer page and click Register Now on “Become a Facebook Developer”.

There are a couple of steps in the registration process that you have to go through that will lead to you being asked to create an AppId:

An AppId is an identifier that Facebook uses to identify your website/web application. When your website redirects a user to Facebook for the user to sign in, the redirect will contain the AppId. This way Facebook can present a confirmation screen to your user with the application name.

So name your web application, and get an AppId:

You should see a screen now that on the top left corner has the AppId:

Click the Get Started button on the Facebook Login section:

Pick Web:

Add your website URL, you can use localhost for development.

You can ignore all the other steps after setting your website’s callback url. Those would only be required if we were to trigger the login process in JavaScript, which we are not.

Go to the Dashboard:

Make note of the App Secret:

You now have an App Id and an App Secret which is all you need to enable social logins using Facebook.

Setup Facebook login in your ASP.NET MVC

I’m going to describe the process of creating a new project from the command line. This way, the description is valid for whatever platform you are using.

Create a new MVC project

$ dotnet new -t mvc

Now add Nuget package for the cookie authentication middleware:

$ dotnet add package Microsoft.AspNetCore.Authentication.Cookies

And finally the Facebook authentication middleware:

$ dotnet add package Microsoft.AspNetCore.Authentication.Facebook

You now need to add and configure the cookie and the Facebook authentication middlewares in your ASP.NET application’s pipeline. To do add this to the Configure method in Startup.cs:

public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{

    //...

    app.UseCookieAuthentication(new CookieAuthenticationOptions
    {
        AuthenticationScheme = "ApplicationCookie",
        AutomaticAuthenticate = true
    });

    app.UseFacebookAuthentication(new FacebookOptions
    {
        AuthenticationScheme = "Facebook",
        AppId = "YOUR_APP_ID",
        AppSecret = "YOUR_APP_SECRET",
        SignInScheme = "ApplicationCookie"
    });

    app.UseStaticFiles();

    app.UseMvc(routes =>
    {
        routes.MapRoute(
            name: "default",
            template: "{controller=Home}/{action=Index}/{id?}");
    });
}

The last thing you need to do is to add an action method that starts the process of signing your user in using Facebook. For example in the Account controller add this action method:

public IActionResult FacebookLogin(){
    var authProperties = new AuthenticationProperties{
        RedirectUri = Url.Action("Index", "Home")
    };            
    return Challenge(authProperties, "Facebook");
}

If your run your web application now and go to /account/facebooklogin you should be able to login using Facebook.

If you want to check the claims that get added when your user signs in, add this to you Index.cshtml:

@if (User.Identity.IsAuthenticated){
    @foreach(var claim in User.Claims){
        <p><b>@claim.Type</b> - @claim.Value</p>
    }
}else{
    <p>User is not signed in</p>
}

NOTE: For an in-depth explanation of what a “Challenge” is and how the authentication middleware work you should read External Login Providers in ASP.NET Core.

Facebook login using ASP.NET Identity

The previous section described how you can set the Facebook authentication middelware log in a user “directly” by setting the SignInScheme to the cookie middleware that is set with AutomaticAuthenticate (if this sentence is confusing you really should stop and read External Login Providers in ASP.NET Core.

I’m going to assume that you have setup ASP.NET Identity in your project. If you haven’t done that yet here’s a good guide: ASP.NET Identity Core From Scratch.

Edit your Startup.cs class and add the Facebook authentication middleware:

public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
    //...

    app.UseIdentity();

    app.UseFacebookAuthentication(new FacebookOptions
    {                
        AppId = "YOUR_APPID",
        AppSecret = "YOUR_APP_SECRET",
        AuthenticationScheme = "Facebook"                
    });

    app.UseStaticFiles();

    //app.UseMvc...
}

You can specify the SignInScheme as in the previous section. The main authentication scheme name (the one that actually adds the principal to HttpContext) is “Identity.Application”.

If you don’t specify a SignInScheme it will default to “Identity.External”, which corresponds to a cookie authentication middleware that is added by ASP.NET Identity and is configured with AutomaticAuthenticate=false. What that means is that it will not set the HttpContext.User, so it won’t log the user in.

The way you take advantage of an authentication middleware configured this way is to “manually” invoke it, so when configuring our challenge we’ll specify a redirect url to an controller action that does this. The reason for doing this is that in that controller action you can perform aditional steps, for example, create a local account for the user.

You can start the process of authenticating your users using Facebook the same way as in the previous section, however ASP.NET Identity’s SignInManager class has methods to do it. So if you want to use them, the action method that “issues” the challenge should look like this:

public IActionResult Login()
{
    var properties = _signInManager.ConfigureExternalAuthenticationProperties("Facebook", Url.Action("ExternalLoginCallback", "Account"));
    return Challenge(properties, "Facebook");
}

Here we added ExternalLoginCallback as the action in the AccountController where the user will be redirected to from Facebook after a successful authentication. Here’s a simplified version of that controller action:

public async Task<IActionResult> ExternalLoginCallback()
{
    ExternalLoginInfo info = await _signInManager.GetExternalLoginInfoAsync();
    //info.Principal //the IPrincipal with the claims from facebook
    //info.ProviderKey //an unique identifier from Facebook for the user that just signed in
    //info.LoginProvider //a string with the external login provider name, in this case Facebook

    //to sign the user in if there's a local account associated to the login provider
    //var result = await _signInManager.ExternalLoginSignInAsync(info.LoginProvider, info.ProviderKey, isPersistent: false);            
    //result.Succeeded will be false if there's no local associated account 

    //to associate a local user account to an external login provider
    //await _userInManager.AddLoginAsync(aUserYoullHaveToCreate, info);        
    return Redirect("~/");
}

Related Solutions

Create an ASP.NET Core MVC solution, edit the main view to contain an HTML form that...
Create an ASP.NET Core MVC solution, edit the main view to contain an HTML form that asks for first name, last name, and email address. The form should also have a submit button, though the submit button doesn't have to do anything yet. looking for an HTML mockup inside an ASP.NET Core MVC Solution.
Create a new website using C# & ASP.Net in Visual Studio: 1. Create a web page...
Create a new website using C# & ASP.Net in Visual Studio: 1. Create a web page to access a database and display the data from a table by providing an SQL statement. Create the page with these requirements:     create label, textbox and button     the textbox will capture the SQL statement     the button will process the statement and display the results 2. Add necessary data access pages to your project. 3. Display the data in Gridview
C# & ASP.NET Create a console application that prompts the user to enter a regular expression,...
C# & ASP.NET Create a console application that prompts the user to enter a regular expression, and then prompts the user to enter some input and compare the two for a match until the user presses Esc: The default regular expression checks for at least one digit. Enter a regular expression (or press ENTER to use the default): ^[a- z]+$ Enter some input: apples apples matches ^[a-z]+$? True Press ESC to end or any key to try again. Enter a...
For your final project, you are to create a two-page web application of your choice. ASP.NET...
For your final project, you are to create a two-page web application of your choice. ASP.NET : C# You must include the following items: At least 5 different standard server controls At least 2 validation controls At least 1 navigation control ~ one must navigate back and forth to each page One session state element Upon completion of your two-page web application, you will provide a two page report describing the functions of the web application as well as each...
Create an ASP.Net Website using Visual Studio with C#: Create a simple calculator that has 3...
Create an ASP.Net Website using Visual Studio with C#: Create a simple calculator that has 3 text boxes: 2 of them to enter numbers, the 3rd one displays the results Create 4 buttons to add, subtract, multiply, and divide Prevent the user from entering text in the number fields Display a message indicating “cannot divide by” when the user click “/” and there is a zero the in the second box Create two additional buttons: - One to store data...
Create an ASP.Net Website using Visual Studio with Visual Basic.Net: Create a simple calculator that has...
Create an ASP.Net Website using Visual Studio with Visual Basic.Net: Create a simple calculator that has 3 text boxes: 2 of them to enter numbers, the 3rd one displays the results Create 4 buttons to add, subtract, multiply, and divide Prevent the user from entering text in the number fields Display a message indicating “cannot divide by” when the user click “/” and there is a zero the in the second box Create two additional buttons: - One to store...
Using Python programming, make a form that allows user to login to a modest web application...
Using Python programming, make a form that allows user to login to a modest web application that has a password and username with a file that has validated user. Once logged in, a formal greeting and the choice to change password should be available. The password should be strong(NIST SP 800-63B). All failed logins should be logged w/ date and Time. (Ex. 6 failed logins in 20 min dated 12 Jan 2020.
1. Implement the union set function using the prototype. 2. Implement the intersection set function using...
1. Implement the union set function using the prototype. 2. Implement the intersection set function using the prototype. 3. Implement the set difference function using the prototype. 4. Implement the subset function using the prototype.
Create a program using python that provides a simple calculator: Requires a login with a prompt...
Create a program using python that provides a simple calculator: Requires a login with a prompt for a username and a password prior to using the calculator If username and password are incorrect, the program should re-prompt to re-enter correct username and password Once logged in, the user should have access to the calculator and should have the ability for the following mathematical operators: Addition Subtraction Multiplication Division Square Root PI Exponents
Using ASP.NET create an Age Calculator; which can determine an age according to a given date...
Using ASP.NET create an Age Calculator; which can determine an age according to a given date of birth. The calculated age will be displayed in years, months, weeks, days, hours, minutes, and seconds. How old are you in years, or months, or weeks, or days, or minutes, or seconds. The only input parameter is the birth date then the user will know his age
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT