Start With
The Tutorial At
This Link

Dec 2

Written by: Michael Washington
12/2/2012 3:34 PM 

Creating a LightSwitch website and setting security is easy. However, you must set up all your users manually. In some cases you want to allow users to self-register.

Note: For this example, I am using the LightSwitch HTML Client Preview 2.

The Problem

When you create a LightSwitch application, you have the option to set security.

When a user access your application, they must have a user name and password.

You must create all the user names and passwords in advance.

Add Self Registration

LightSwitch uses the standard ASP.NET Membership Provider. You can integrate it with any security, (see: Integrating LightSwitch Into An ASPNET Application To Provide Single Sign On). However, if you only require a self-registration page, it is simple to set-up.

First, you will need to switch to File View.

In the Server/Web folder, add a Web Forms page.

Drag and drop a CreateUserWizard on to the page.

For this example, I used the following code to customize the Wizard:

    <asp:CreateUserWizard ID="CreateUserWizard1" runat="server" 
        FinishDestinationPageUrl="../../Client/default.htm">
        <WizardSteps>
            <asp:CreateUserWizardStep runat="server" />
            <asp:CompleteWizardStep runat="server">
                <ContentTemplate>
                    <table>
                        <tr>
                            <td align="center" colspan="2">Complete</td>
                        </tr>
                        <tr>
                            <td>Your account has been successfully created.</td>
                        </tr>
                        <tr>
                            <td align="right" colspan="2" style="text-align: center">
                                [<a href="../Client/default.htm">continue</a>]</td>
                        </tr>
                    </table>
                </ContentTemplate>
            </asp:CompleteWizardStep>
        </WizardSteps>
    </asp:CreateUserWizard>

Open the Web.config and add the following lines:

 <location path="default.aspx">    
   <system.web>
      <authorization>
        <allow users="?" />
      </authorization>
    </system.web>
 </location>

This allows non-authenticated users access to the registration page.

Test Out Self Registration

You must keep in mind that when you run LightSwitch in debug mode you are always logged in, and you are always a user called Test User. To properly test this you need to publish the LightSwitch application.

If we try to go directly to the application, we see the box to log in. This proves that authentication is working.

If we go to /web/default.aspx we get the registration page.

We fill in the information and click Create User.

Our account is created and we are automatically logged in and presented with a link that will take us directly to the application.

If we create a new message…

… we can only see our own messages because I added the following filter to the table:

    partial void PhoneMessages_Filter(ref Expression<Func<PhoneMessage, bool>> filter)
    {
        // If you are not an Administrator -- you can only see messages created by you
        if (!this.Application.User.HasPermission(Permissions.SecurityAdministration))
        {
            filter = e => e.CreatedBy == this.Application.User.Name;
        }
    }

If we log out and log back in as an Administrator, we can see all messages by all users.

Download Code

The LightSwitch project is available at http://lightswitchhelpwebsite.com/Downloads.aspx

(you must have HTML Client Preview 2 or higher installed to run the code)