locked
Account vs Manage Controller in ASP.NET 5 RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote
    User1954717099 posted

    I'm building an application using the new ASP.NET 5 framework and am familiarizing myself by playing around with the default template.

    In said template, which I thought had implemented user authentication pretty well, there is an Account Controller and a Manage Controller. The Account Controller handles user account creation, as well as the login and logout functionality of the site. The Manager Controller handles basic user account management, such as changing a user password or support for adding two factor authentication.

    Although I see the reasoning behind this design choice to some extent, I want to design the routing for my site in a particular way, and would need to combine the two controllers to accomplish this. I did this on the template, and everything continued working fine.

    Aside from the one controller being arguably too large, are there any issues with doing this? Are there security risks that I am overlooking? Do you know why Microsoft made this design choice when building a basic Identity user authentication template?

    Thanks for your response.

    Saturday, December 19, 2015 4:45 AM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote
    User614698185 posted

    Hi f3pUm2sCaqXx,

    Welcome to ASP.NET Forums!

    AccountController and ManageController controller contains the sample code for Membership and Authorization which provided by default on project creation because its common stuff for web application and its help full to all for beginners, intermediate and experts also. From those controller you can manage/ create Role Based application more easily and quickly.

    Best Regards,

    Candice Zhou

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Monday, December 21, 2015 7:07 AM