Tuesday, July 1, 2014

What's new in ASP.NET MVC 5?

ASP.NET MVC 5 is a framework for building scalable, standards-based web applications using well-established design patterns and the power of ASP.NET and the .NET Framework. Below is the list of features which are bundled in ASP.NET MVC 5.

1) One ASP.NET

MVC Project templates are integrated very efficiently with one ASP.NET experience.  Microsoft has finally brought all the ASP.NET related project templates together, and the result is One ASP.NET.  

The figure depicted below shows, how the web templates in Visual Studio 2013 are now pointing to a single web application.  You can also combine multiple projects like Web API, MVC etc. in case you’re designing a complex system.

2) ASP.NET Identity

MVC project templates have been updated to use ASP.NET identity for authentication and identity management.  You can easily configure the type of authentication at the initial stage of the project and MVC would configure all the required settings accordingly.
As shown in the screenshot, 3 choices are provided:

No authentication: If user does not want to implement any authentication or implement a custom authentication

Individual User accounts: Allows you to have full control of user accounts in your application.  Users can create their account or sign in through social media sites like Facebook, Google etc.

Windows Authentication: If user wants to implement windows authentication mode in their web application

3) Bootstrap

MVC project templates have been updated to use bootstrap CSS framework to provide a slick and responsive UI for your application which can be easily customized.  Bootstrap makes front-end web development faster and easier. It's made for folks of all the skill levels, devices of all shapes, and projects of all sizes.

MVC 5 now provides a neat responsive UI when creating a new web application as depicted in the screenshot below.  The layout on the right is for mobile devices.

4) Authentication filters

Prior to ASP.NET MVC 5, there were 4 types of filters:

  1. Authorization filters
  2. Action filters
  3. Result filters
  4. Exception filters
Previously [Authorization] attribute was used to enforce role based security.

MCV 5 introduces new kind of features called authentication filters, which run prior to authorization filters.  The main advantage of using authentication filter is, it runs prior to authorization filters.  It allows you to specify authentication logic at action, controller or global level.

The main purpose of adding authentication filters is to separate authentication from authorization (first authenticate, then authorize)
  • Authentication verifies who you are
  • Authorization verifies what are you authorized to do
Here is a short overview of how to implement your custom action filter:

5) Filter overrides

Filters can now be overridden for a given action or controller by applying override filter attribute.   Override filters specify a set of filter types that should not run for a given scope (action or controller).  This allows you to add global filters, but then exclude some from specific actions or controllers.

There are different types of override attributes in ASP.NET MVC 5, which allows you to clear filters by their type:

  1. [OverrideActionFilters]
  2. [OverrideAuthentication]
  3. [OverrideAuthorization]
  4. [OverrideExceptionFilters]
  5. [OverrideResultFilters]

The example given below, applies “OverrideAuthorization” filter to Index action, which would exclude authorization filter and would override Authorization filter applied at the controller level.



6) Attribute Routing

Routing is the term used by MVC to match a URI to an action. MVC 5 now supports a new type of routing called attribute routing.  As the name suggests, attribute routing uses attributes to define routes.  It gives you more control over the URIs in your web application.

In the previous versions of MVC, rules were set in RouteConfig.cs file like shown below:

The example given above, can be simply defined in MVC 5 like this:

Attribute routing can be enabled by using a single line of code in RegisterRoutes:


No comments: