This post is about cookie based authentication in ASP.NET 5. I am implementing a cookie authentication in ASP.NET MVC application. Similar to other middleware components in ASP.NET, Cookie Authentication is also a middleware component, which you need to plug into ASP.NET pipeline.
For implementing cookie authentication, you require reference of Cookie middleware, here is the project.json file.
All the components used in this project are available in ASP.NET Core Framework as well.
Now you need to plug the Cookie authentication module to use in ASP.NET pipeline, you can do this via Startup.cs file.
Now, you need to apply the Authorize filter to protect resources, I am applying it in the class level. When there is a unauthorized request to such resource, filter returns 401 and the cookie middleware redirects to /Home/Login.
Note: You need to set the LoginPath property explicitly, otherwise it may not redirect.
And here is the Login action method, this code is for illustration purpose only, I not validating against database, if username and password matches the hard coded credentials, identity is established with that username.
And here is the Login view
To verify the implementation, install the required packages using kpm restore command, once it finishes, execute k web command. If web server is started, browse http://localhost:5001/, which will redirect to /Home/Login page, where you can enter the credentials, you will redirect back to /Home/Index page.