CTS – Your Technology Partner

What is new in ASP.NET MVC 5? (2 of 3)

Written by Ron Todosichuk on May 18, 2014


This is part two of a three part series, outlining some of the key new feature in ASP.NET MVC 5. In this part, we will look at the Attribute Routing and ASP.NET Identity.

Discussed Features:

Attribute Routing

ASP.NET MVC 5 adds a new feature that allows you to specify routes by using attribute. The new attributes that allow this to happen are the [RoutePrefix] and [Route] attributes. Adding the [RoutePrefix] attribute to the controller class allows you to specify a route prefix for all controller actions. Adding the [Route] attribute to the action allows you to specify the route and constraint of that action method.

To use the new routing attributes you first need to go to the RouteConfig.cs file and a line of code that tells the .NET framework to map the new MVC route attributes at run time. This line of code is routes.MapMvcAttributeRoutes();.


The following example code shows how to set the route for the Index() action to be /prefix/main by using the RoutePrefix and Route attributes. Also the Test(int number) action method has been routed to /prefix/test/{number}.


Attribute routing also allows you to specify addition constraints on the route values. If you want to make the number optional you can use a ‘?’.


Alternatively, if you want to accept a range of number from 10-999 or an empty value you can use the range and int? constraints. If the value passed into the URL does not match the constraint, you will get back a 404 error. So http://localhost:1234/prefix/test/10 would return the page but http://localhost:1234/prefix/test/3 would return a 404 page not found error.


Here is a list of route constraints key words.

Route Constraint Used To
x:bool Match a bool parameter
x:maxlength(n) Match a string parameter with maximum length of n characters
x:minlength(n) Match a string parameter with minimum length of n characters
x:max Match an integer parameter with a maximum value of n.
x:min Match an integer parameter with a minimum value of n.
x:range Match an integer parameter within a range of values.
x:int Match an integer parameter.
x:float Match a floating-point parameter.
x:alpha Match uppercase or lowercase alphabet characters
x:regex Match a regular expression.
x:datetime Match a DateTime parameter.

ASP.NET Identity

ASP.NET Identity is a new membership model for ASP.NET web applications. ASP.NET Identity allows you to choose where you want to store the user profile information. You can choose SQL Server database, or other data stores including NoSQL data stores such as Windows Azure Storages Tables. In addition, MVC 5 has support for third party authentication providers like google, facebook, and twitter (out of the box). ASP.NET Identity uses a new extensible identity system called OWIN (Open Web Interface of .NET). OWIN is a large topic, so I encourage you to Goggle it with Bing to learn more about it.

Let us look at how to enable the Google’s authentication provider. Within a new MVC 5 project, select the Startup.Auth.cs file under the App_Start folder.


Uncomment the app.UseGoogleAuthentication block of code. You will need to add in the clientId and clientSecret, which you can get from google by going to https://console.developers.google.com site and setting up a project.

Warning: You need to have Visual Studio 2013 update 2 RC or later installed in order for Google Authentication to work. The Prior version did not let you set the clientId and clientSecret values.


After you run the application and clicking the login link, you will see a Google button. This will allow a user to login using a google login and password, select a user name that they want to use on the web site and ASP.NET Membership model will store the link to google.



With ASP.NET MVC 5 Microsoft is making it easier and cleaner to implement routing and radically updating the authentication model for ASP.NET.

In the next installment, I will continue this three part series about “What is New in ASP.NET MVC 5?”. Part 3 will cover Authentication Filters and Filter Overrides.