Forms Authentication is a popular approach in ASP.NET for managing user authentication within online applications. It enables developers to authenticate users using credentials saved in a database or another user store. This article will lead you through the process of implementing Forms Authentication in an ASP.NET web application with.NET Framework 4.8.0.

Step 1. Create a New ASP.NET Web Application
Open Visual Studio and create a new ASP.NET web application project, ensuring the selection of the appropriate framework version (in this case, .NET Framework 4.8.0).

Step 2. Configure Forms Authentication in web.config

Navigate to the web.config file of your ASP.NET application. Configure Forms Authentication by adding the following configuration within the <system.web> section:

<authentication mode="Forms">
    <forms loginUrl="~/Authority/Login" timeout="30"></forms>
</authentication>


This configuration specifies that Forms Authentication is enabled, the login page is Login.chtml, the default landing page after login is Default.chtml, and the session timeout is set to 30 minutes.

Step 3. Create a Login Page

Add a new web form named Login.chtml to your project. Design the login page with fields for username and password, as well as a login button.

Step 4. Implement Login Logic
In the code-behind file (Login.cs), implement the login logic when the user submits the login form.
using System.Web.Mvc;
using AdminPlain.Models;
using ApplicationDb.Operation;
using System.Web.Security;

namespace AdminPlain.Controllers
{
    [HandleError]
    public class AuthorityController : Controller
    {
        AdminPlainRepositery repo = null;
        public AuthorityController()
        {
            repo = new AdminPlainRepositery();
        }
        // GET
        public ActionResult Login()
        {
            return View();
        }

        [HttpPost]
        public ActionResult Login(AuthorityMembers members)
        {
            var result = repo.FindUser(members);
            if (result)
            {
                FormsAuthentication.SetAuthCookie(members.Name, false);
                return RedirectToAction("Index", "Home");
            }
            ModelState.AddModelError("", "Invalid UserName and Password");
            return View();
        }
    }
}


Step 5. Create a Default Landing Page
Add another web form named Default.chtml to serve as the default landing page after successful login. This page can contain protected content that only authenticated users can access.

Step 6. Protect Pages
To protect pages that require authentication, you can use the Authorize attribute. Apply the [Authorize] attribute to the code-behind file of protected pages.
[Authorize]
public ActionResult Index(ApplicationModel detail)
{
    if (ModelState.IsValid)
    {
       var result = repo.addTask(detail);
       ViewBag.isSuccess = true;
    }else {
        ViewBag.isSuccess = false;
    }
    return View();
}

Step 7. Implement Logout Functionality
To allow users to log out, create a logout button or link that calls the SignOut method of the FormsAuthentication class.
public ActionResult Logout()
{
    FormsAuthentication.SignOut();
    return RedirectToAction("Login");
}


Forms Authentication in ASP.NET Framework 4.8.0 provides a straightforward method for implementing user authentication in web applications. By following the steps outlined in this guide, you can create a secure login system that protects sensitive areas of your application and provides a smooth user experience.