Click here to Skip to main content
12,504,492 members (54,405 online)
Click here to Skip to main content
Add your own
alternative version

Stats

154.5K views
706 downloads
72 bookmarked
Posted

How to implement Two basics uses for the Asp.net Login control 2.0 (login and RememberMe)

, 23 Nov 2006
Rate this:
Please Sign up or sign in to vote.
This article will show you how to implement two basics uses of the ASP.NET Login control (2.0), The login task itself to validate the users who’s trying to access your web site. In addition i will show how to implement the REMEMBERME process using cookies to save the user name inside the user PC

Introduction

The login control is a good gift to save time in the way to make one of the most important tasks everytime that you developed a site, the login task (Who’s inside, Who’s outside)  Inside the next lines I will try give you a basic, but functional login control programming, which one you can use in your project.

The end of this program is to show the login page first (there is the login control) the user insert their login credentials (username, password) the page evaluates the credentials against a database, if the user exist and the password is the same saved onto database, the login page grant the access to welcome page, at negative case the login page is refresh showing a Login error message and set ready to attempt again.

 

 

 

This code on Login control authenticate process evaluates the users credentials and grant or deny the access to the destination page.

 

 

protected void Logeo_Authenticate(object sender, AuthenticateEventArgs e)
{
        try
        {
            string id_user = Logeo.UserName.Trim(); //Get the username from the control
            string pass_user = Logeo.Password.Trim(); //get the Password from the control

            

 //These are a sql and connection Examples

 string sql = "SELECT coduser, nameuser FROM users WHERE iduser = @param_Id AND passuser = @param_Password";
 
            public SqlConnection conexionExpress = new SqlConnection("server='localhost\\SQLExpress';Integrated Security=true;Initial Catalog=college;User Instance=false"); //Create the server connection

  
            SqlCommand comandoSql = new SqlCommand(sql, conexionExpress); //Create the sql command using sql string and sql connection

//Add the sql parameters

  comandoSql.Parameters.AddWithValue("@param_Id", id_user); //New on VS 2.0

  comandoSql.Parameters.AddWithValue("@param_Password", pass_user);


            string cod_user = "";
            string name_user = "";
            //Open database connection
                        
            conexionExpress.Open();
            SqlDataReader dr = comandoSql.ExecuteReader();
            while (dr.Read())
            {
                cod_user = dr.GetValue(0).ToString(); //The coduser is unique onto database table
                name_user = dr.GetValue(1).ToString();
            }
            conexionExpress.Close();//Close Database Connection
            if (cod_user != "") //The user exist onto database
            {
                /*Create the session vars
                Session["coduser"] = cod_user;
                Session["nameuser"] = name_user;
                e.Authenticated = true; //Grant the access, Goes to DestinationPageUrl
            }
        }
        catch(Exception)//On Login Error
        {
            e.Authenticated = false;//Confirm that you are out

  conexionExpress.Close();//On any error case, close the database connection
        }

}

Now we will change the welcome page to show the user name who grant the access

 

On welcome.aspx modify the load event

 

protected void Page_Load(object sender, EventArgs e)

 {

        if (!IsPostBack)

        {

            Message.Text = "Welcome " + Session["nameuser"].ToString() + " Your user code is " +  Session["coduser"].ToString();

        }

 }

 

At this point you already do the login event in you website, but we have a problem, ¿what happened if the user write the absolute url to welcome page?, he will reach the page, so lets add these lines at web.config file in order to redirect all the attempts to visit forms using absolute urls to login form.

Change the authentication mode to Forms and add the next in order to lock your site, and last define the login form URL like the default form.

License

This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.

A list of licenses authors might use can be found here

Share

About the Author

Britney S. Morales
Web Developer
Colombia Colombia
Web Developer during 3 years and counting, i worked over my school website by two years, right now im webmaster at World Wowan foundation banking in my home city.

Please forgive my pictures examples, they are at spanish language because its my mother language.


You may also be interested in...

Pro
Pro

Comments and Discussions

 
GeneralComentario Pin
Member 249133916-Apr-08 3:53
memberMember 249133916-Apr-08 3:53 
GeneralRe: Comentario Pin
Britney S. Morales13-Jun-08 4:23
memberBritney S. Morales13-Jun-08 4:23 
GeneralRe: Comentario Pin
.net GuruKool1-Oct-08 0:24
member.net GuruKool1-Oct-08 0:24 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

| Advertise | Privacy | Terms of Use | Mobile
Web02 | 2.8.160919.1 | Last Updated 23 Nov 2006
Article Copyright 2006 by Britney S. Morales
Everything else Copyright © CodeProject, 1999-2016
Layout: fixed | fluid