Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Login Session ASP.NET [closed]
- protected void UserLogin_Authenticate(object sender, AuthenticateEventArgs e)
- {
- string roles;
- string UserName = UserLogin.UserName.Trim();
- string Password = UserLogin.Password.Trim();
- string Verify = "Yes";
- if (AccountChecking.CheckUser(UserName,Password,Verify) == true)
- {
- //These session values are just for demo purpose to show the user details on master page
- Session["User"] = UserName;
- roles = AccountChecking.GetUserRoles(UserName);
- Session["Roles"] = roles;
- //Let us now set the authentication cookie so that we can use that later.
- FormsAuthentication.SetAuthCookie(UserName, false);
- //Login successful lets put him to requested page
- string returnUrl = Request.QueryString["ReturnUrl"] as string;
- if (returnUrl != null)
- {
- Response.Redirect("Default.aspx");
- }
- else
- {
- //no return URL specified so lets kick him to home page
- Response.Redirect("Default.aspx");
- }
- }
- else
- {
- UserLogin.FailureText = "Incorrect UserName or Password";
- }
- }
- public static bool CheckUser(string UserName, string Password, string Verify)
- {
- DataTable result = null;
- try
- {
- using (SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["userDbConnectionString"].ConnectionString))
- {
- using (SqlCommand cmd = new SqlCommand("LoginCheck", con))
- {
- cmd.CommandType = CommandType.StoredProcedure;
- cmd.Parameters.Add(new SqlParameter("@UserName", UserName));
- using (SqlDataAdapter da = new SqlDataAdapter(cmd))
- {
- result = new DataTable();
- da.Fill(result);
- }
- if (Password.Trim() == result.Rows[0]["Password"].ToString().Trim())
- {
- if (Verify.Trim() == result.Rows[0]["Verify"].ToString().Trim())
- {
- //user id found and Password is matched too so lets do soemthing now
- return true;
- }
- }
- }
- }
- }
- catch (Exception ex)
- {
- //Pokemon exception handling
- }
- //user id not found, lets treat him as a guest
- return false;
- }
- //Get the Roles for this particular user
- public static string GetUserRoles(string UserName)
- {
- DataTable result = null;
- try
- {
- using (SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["userDbConnectionString"].ConnectionString))
- {
- using (SqlCommand cmd = new SqlCommand("GetUserRole", con))
- {
- cmd.CommandType = CommandType.StoredProcedure;
- cmd.Parameters.Add(new SqlParameter("@UserName", UserName));
- using (SqlDataAdapter da = new SqlDataAdapter(cmd))
- {
- result = new DataTable();
- da.Fill(result);
- }
- if (result.Rows.Count == 1)
- {
- return result.Rows[0]["roles"].ToString().Trim();
- }
- }
- }
- }
- catch (Exception ex)
- {
- //Pokemon exception handling
- }
- //user id not found, lets treat him as a guest
- return "guest";
- }
Add Comment
Please, Sign In to add comment