Click here to Skip to main content
15,846,144 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
Hey Guys, So i need a suggestions and help.

I have application in which i have 3 different login forms. 1 for SuperAdmin, 1 for SubAdmins, and 1 for normal users.

I create 3 login forms for security purpose there is very sensitive information and details so i create a different logins for each type of user. i think it is good to keep all things separated for each user please tell me what you guys think about this.

I am using Asp.net Mvc 4

What I have tried:

please tell me if there is any other better way
Posted
Updated 5-Jul-20 12:27pm

Quote:
please tell me if there is any other better way

Better way is 1 single login form !
Because you know who is a new user after the login.
Quote:
I create 3 login forms for security

Don't want to be rude, but it looks like you don't really understand how security works.

Procedure:
- Login user
- check if user/password exist, otherwise, go back to login
- Get role for user
- Store role in app variable
- user that variable to activate parts of app depending role.
 
Share this answer
 
Comments
Greg Utas 5-Jul-20 16:04pm    
But then how does the _first_ user log in?! :)
Patrice T 5-Jul-20 16:36pm    
Either administrator is hardcoded in app, either you manually prepare user batabase with first user credentials.
As Patrice stated; use 1 login page for all users.

Here is a very basic Login processing script to give you the basic logic of how to do this. This is on the line of quasi-code; and should not be used for production
C#
[HttpPost]
public ActionResult Login (string username, string password) {
   string NewPath;
   int RoleID = 0;

   if ((username == "superadmin") && (password == "superpass")) {
      RoleID = 1;
      NewPath = "SuperAdminPage";
   } else if ((username == "subadmin") && (password == "subpass")) {
      RoleID = 2;
      NewPath = "SubAdminPage";
   } else ((username == "normaluser") && (password == "normalpass")) {
      RoleID = 3;
      NewPath = "NormalUserPage";
   } else {
     RoleID = 0;
     NewPath = "LoginFailed";
   }

   Session("RoleID") = RoleID;
   Response.Redirect(NewPath);
}
 
Share this answer
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900