Hibernating Rhinos

Zero friction databases

Web API 2–the SPA user interface review

I started to look on the sample code of the Single Page Template which uses the Web API 2 and ASP.NET MVC 5 beta and what I see it interesting.

It got a very nice UI implementation, and the authentication options that are built in are great:

Login

Basically, there is an built-in OAuth integrated authentication against Google, Facebook, Twitter and Microsoft, in addition to a classic local authentication feature. This looks very nice.

Let’s try log-in using Google. I pressed the Google button and the page it redirected to the Google login page. After entering my Google account’s credentials, Google asked me whether should it allow localhost to access my data. I’m selecting to accept button:

GoogleLogin

After pressing on the accept, the page is redirected back to my application and asks my to sign up using the my Google account.

SignUp

The requirement to specify the user name here seems to indicate that they use username to identify users instead of emails. Personally, I think that websites should ask for an email in order to identify a user. If they did that, the username can be configured later, from the account settings. Also, using my name as the User Name seems strange as user name doesn’t contain a spaces usually. But anyway… we will leave this aside.

I’m pressing on the Sign up button.

ToDoList

The UI seems to be really nice. It all AJAX powered and looks good. I was able to add an item, check it as done, but when I tried to delete it I got a mysterious “Error removing todo item.” error.

Anyway, let’s look more on the authentication options. I’m clicking on my user name, which redirect me to the “Account/Manage” page.

AccoutManage

Here I can see that I can specify a password, so I’ll be able to authenticate with a local username. So, let’s set a password.

SetPassword

After doing so, I get a “Password changed” message with an option to change the password. But also note that since I have now two options to log in to the website, it gives me the option to remove one, which is nice.

So it seems that I have all the authentication needs that a website is typically needs built-in, and they seems to work well. In the next post I’ll start to dig into the implementation of this, which has some surprises.

Published at

Originally posted at

Comments (2)