Sam
Reputation:
Displaying Member Details To Correct User
I currently have a website and upon registration to the website i generate each member a unique GUID. Upon the user logging in to the website i check the credentials and store the guid in session if successful, in order to show the user there profile / how many post have been made etc i run my queries to the database passing the users session GUID to fetch data related to them.
Can anyone kindly confirm a better approach for this ?
Upvotes: 0
Views: 78
Answers (2)
GalacticCowboy
Reputation: 11759
This is basically how most authentication/authorization systems work. Some things you may want to keep in mind:
- Don't reinvent the wheel if you don't need to - as Max pointed out, ASP.NET has a built-in auth provider that is fairly feature-rich and can be extended as well.
- I would avoid storing anything in Session unless you have to. It is easy to get lazy with Session, and it is also potentially volatile - if you bounce the service, anything in Session is gone.
- If you store a cookie on the client to handle this, ensure it is salted and encrypted.
Upvotes: 1
Max Schmeling
Reputation: 12509
Have a look at the membership features in ASP.Net: http://msdn.microsoft.com/en-us/library/ms998347.aspx
Upvotes: 3
Related Questions
- Asp.net Membership Logged in Users list
- How to display data based on current logged user?
- VB .NET: Logged in user information
- Displaying logged in user details
- show user's details from table on aspx when logged in
- Show logged in user data asp.net mvc
- Display logged in user asp.net
- Session - Login to view user data
- displaying Username using session (ASP.NET)
- Proper way of displaying User's Name on the Menu in ASP.NET