Hi,
I'm new in ASP.NET MVC3 and I work on one project. I used Web Forms before, so
I have doubt about way to handle login and logout (with default asp.net membership features - tables aspnet_Users, aspnet_Roles etc). Is the best way for this to implement AdminController with Authorize filter. I have different roles in application, so some
methods should be authorized for different roles?
I think to use FormsAuthentification. Pseudo code:
1. authentificate user using Membership.ValidateUser - is it better to implement
my own auth provider class that uses ValidateUser method for better separation of concerns, or is there any other, better way to do this?
2. using FormsAuthentification.SetAuthCookie to save state when logged in and FormsAuthentification.SignOut to logout.
Is there any better way to do all this things (maybe with using of session?
I need a solution that is simple enought and secure enought.
Thanks in advance,
Amer