Reputation: 1
How to add accounts to a website ASP.NET C#
I created a new ASP.NET, C# empty website and I have my own database in the App_Data folder. I have a master page as well in the solution.
Anyway, I want to create a login page, but my issue is, how would I know whether a user is logged in or not when navigating around the site.
To elaborate more, when the user opens the home page, it'll have a label saying "Login" and linking to /login.aspx
But then when the user logs in, I want the "Login" label at the top to change to, Username + a "Logout" label (which ofcourse logs the user out).
My question is, say I go to another page, say /AboutUs.aspx, how would I know, if there is anyone logged in and who is logged in?
I've googled this alot and seen many solutions, including Membership Provider and LoginView, but I don't understand both of them (yes, I've read many articles; even MSDN articles).
Im not really used to programming with ASP.NET.
Any help please! Thanks!
Upvotes: 0
Views: 230
Answers (2)
Reputation: 2851
If you are, as you say, using your own db, where you store usernames and passwords, you will need to take care of the authentication process yourself. The easiest way to do this is to write your own Membership provider by inheriting from the System.Web.Security.MembershipProvider class and overriding essential methods, like bool ValidateUser(string userName, string password). Then you'll need to plug your provider into your website via web.config.
On the other hand, you can use the built-in Membership provider and its db. To do this, you'll need to copy your user data into this db which will be created the 1st time your app uses Membership feature (like, when in VS you execute PROJECT -> ASP.NET Configuration menu command). It's name and location depends on the connection string in your web.config. If you opt to using this way, once your user is authenticated, you'll be able to see it with the following code on the server side:
User.Identity.IsAuthenticated
Upvotes: 1
Reputation: 23113
In ASP.NET, I recommend using Forms authentication. http://msdn.microsoft.com/en-us/library/ff647070.aspx
When the user is logged in, there will be an IIdentity object in the user's session that you can use to determine if the user has been authenticated. But, you won't really need to use it much, because the web.config will be configured to toss all unauthenticated users back to your login page.
<system.web>
<authentication mode="Forms">
<forms loginUrl="Login.aspx"
protection="All"
timeout="30"
name=".ASPXAUTH"
path="/"
requireSSL="false"
slidingExpiration="true"
defaultUrl="default.aspx"
cookieless="UseDeviceProfile"
enableCrossAppRedirects="false" />
</authentication>
</system.web>
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
Upvotes: 1
Related Questions
- I am trying to create a Login website by Connecting Database to Registration Page
- Create Login and Validating Users in Asp.net
- How can we add ASP.NET Machine account in windows server 2003
- How to add users to ASP user database?
- c# website login to website
- How to Log Newly-Created Users into the Site
- Create Users in ASP.net website administration tool
- about asp.net windows account
- How to login in ASP.NET
- How to add users for windows authentication / IIS