Home/ Questions/Q 6862141
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-27T02:37:31+00:00

For practicing purposes, I’m about to create a new ASP.NET MVC 3.0 application. My

  • 0

For practicing purposes, I’m about to create a new ASP.NET MVC 3.0 application.
My solution (Practice.sln) will have 4 layers:

  • Pratice.Common (class library for my ViewModels)
  • Pratice.Data (class library for EF)
  • Pratice.Service (class library for business logic)
  • Pratice.Web (asp.net mvc 3.0 project)

Let’s assume I have a View called “Login” which is strongly typed on a LoginModel defined in my Practice.Common layer.
The LoginModel has 2 properties (username and password).

In my Controller, when the user submits the form, I call the following method:

[HttpPost]
public ActionResult Login(LoginModel model)
{
    if(_service.ValidateUser(model))
    return null;
}

The ValidateUser() is a method defined in my Pratice.Service layer (inside my LoginService.cs file).

I’m basically delegating the validation process to my Service layer…

My question is the following:

Considering I’d like to try/use the benefits of Membership Provider, and considering that most (if not all) my logic is happening in my Service Layer, how can move Membership into my Service Layer? (if that’s even a good thing)

Also…I was planning on creating my own Membership Provider as opposed to the built-in one since I’m not using all those generate TABLES and sprocs…

Bonus question:

Is it considered best practice to have all the login and account management happening directly from within your Controller and all the rest of my business logic kept inside my Service Layer?

I’m curious in the Pros and Cons of having “parts” of the logic happening directly inside the Controller and other “parts” happening in the Service Layer.

Of course, if anyone has a link or article that explains this, I’d be grateful!

Sincerely

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Ok, after a few trials and more reading, I’ve managed to answer my own questions.

    As far as moving the Membership Provider to my Service Layer (in my case) that doesn’t make any sense since my Service Layer will now have a dependency on System.Web.Security and I do not want that.

    In addition, I quickly realized I was confusing two concepts. FormsAuthentication and Membership. Although they work hand-in-hand, I don’t need all the methods provided by Membership. Therefore, I do not need to create a Custom Membership Provider nor use the built-in one.

    All I need to do is to continue to create my methods in my Service Layer (such as a Login() method) and then, manually create a FormsAuthenticationTicket which I’ll add inside a cookie then add that cookie to the cookie collection (in the Controller).

    As a side note, I also realized that it is only once you’ve added the cookie to the cookie collection that the HttpContext.User.Identity.IsAuthenticated starts returning TRUE.

    As far as my bonus question goes, unless told otherwise, I’ll keep the login mechanism (and validation) in the Service Layer instead of having some logic in the Controller and some logic in the Service Layer.

    • 0