Remember.Web: does not match documentation any more

Question

Remember.Web: does not match documentation any more

tillig opened this issue 9 years ago · 2 comments

From @AGBrown on July 13, 2014 14:54

Versions:

Observed for commit autofac/Autofac@6ab6ce2, other commits not tested

Issue

When trying to use the Remember.Web to understand the Mvc-Integration wiki documentation, the sample code does not work when an [Authorize] (or custom authorize) attribute is applied to an action, due to problems with the web.config authentication/forms element. This specifies the loginUrl as ~/Account/LogOn (it should be ~/Account/Login). The sample project also doesn't provide an easy way to set a login cookie and authorize a user to try out the CustomAuthorize attribute in the wiki documentation.

Impact

The sample Remember.Web doesn't demonstrate the documentation on the Mvc-Integration wiki page. The wiki page references the sample as it ...

... demonstrates many of the aspects of MVC that Autofac is used to inject.

Proposed solution

The fix for this is quite simple, but it also requires #550 to be fixed.

With a few small changes the sample Remember.Web Mvc application could be made to fit in with the wiki at Mvc-Integration and demonstrate the following:

Model binding for the logon form with LoginFormBinder (currently working) with IAuthenticationService injection (currently working)
Custom authorization attribute (with injection, as per the wiki page) that works with a login cookie to redirect unauthorized users, and accept authorized users.
Redirection to the login url, which therefore demonstrates all the above

The changes that are required:

Fix Issue #550
Update the web.config authentication/forms element
Add a CustomAuthorizeAttribute as per the wiki
Add [CustomAuthorize] and [AllowAnonymous] to the AccountController (as per the current Mvc template application in VS2013)
Set the Remember.Web.csproj.user file to launch Account/LoginSuccess as the StartPageUrl

I will post an example changeset as a follow up to this issue to AutofacABContrib branch dev-552. In the example I have also split out "validation" by the IAuthenticationManager (renamed in the commit to ICaptchaManager and "authentication" performed using FormsAuthentication in the AccountController Please let me know if you would like me to create a pull request for the branch.

Copied from original issue: autofac/Autofac#552

Answer 1 · 2015-09-06T14:53:51.000Z

@tillig Let me know if there is anything to do with the branch and fixes - I'm assuming that you would need me to fork the new Examples project and re-map the fix changes on to it?

Answer 2 · 2016-10-05T23:32:46.000Z

The examples repo has been overhauled and no longer contains Remember.Web. Instead, the examples are more clearly named based on what they illustrate and try to stick closer to the docs.