Good day, Stakloverfluchane, I write the admin panel for my application and come to a standstill, here is a form to enter the admin panel, I take the data from the form, send it to the server, there is a check:

  1. If the password and login are the same - return true
  2. If the password and login do not match - return false

If False is returned, everything is clear, but what about true, what to do next?

Thanks in advance for your answers and hints!

  • one
    Usually, after successfully verifying the username and password, information about this is stored in a cookie . In general, asp.net has built-in authorization. - Stepan Kasyanenko
  • @StepanKasyanenko Thanks for your comment, I just wanted to write with my own hands and figure out how it works. Or maybe you know how to screw the authorization if you created an empty project? - Uladzimir Khadakouski
  • one
    The mechanism is standard everywhere, it is necessary to record user information in the session. Google asp.net forms authentication . You can see a nice article on the implementation of authentication using forms - Stepan Kasyanenko
  • @StepanKasyanenko is super, thanks, you can copy-paste in response - I'll mark it as resolved. - Uladzimir Khadakouski
  • Unfortunately, answers that contain only links are not welcome here. To give an exhaustive answer, you need to give an example of working code. It will be complicated)) - Stepan Kasyanenko

1 answer 1

There are several ways to authorize asp.net .

Method using forms authentication .

To begin, let us indicate that we will use this method of authorization.

<authentication mode="Forms"> <forms name=".ASPXFORMSDEMO" loginUrl="logon.aspx" protection="All" path="/" timeout="30" /> </authentication>

Create a login page:

 <h3> <font face="Verdana">Logon Page</font> </h3> <table> <tr> <td>Email:</td> <td><input id="txtUserName" type="text" runat="server"></td> <td><ASP:RequiredFieldValidator ControlToValidate="txtUserName" Display="Static" ErrorMessage="*" runat="server" ID="vUserName" /></td> </tr> <tr> <td>Password:</td> <td><input id="txtUserPass" type="password" runat="server"></td> <td><ASP:RequiredFieldValidator ControlToValidate="txtUserPass" Display="Static" ErrorMessage="*" runat="server" ID="vUserPass" /> </td> </tr> <tr> <td>Persistent Cookie:</td> <td><ASP:CheckBox id="chkPersistCookie" runat="server" autopostback="false" /></td> <td></td> </tr> </table> <input type="submit" Value="Logon" runat="server" ID="cmdLogin"><p></p> <asp:Label id="lblMsg" ForeColor="red" Font-Name="Verdana" Font-Size="10" runat="server" />

Then we hang the event handler on input.

 private void cmdLogin_ServerClick(object sender, System.EventArgs e) { //Функция ValidateUser проверяет логин и пароль пользователя if (ValidateUser(txtUserName.Value,txtUserPass.Value) ) //Здесь мы записываем данные пользователя в сессию FormsAuthentication.RedirectFromLoginPage(txtUserName.Value,chkPersistCookie.Checked); else Response.Redirect("logon.aspx", true); }

Do not forget to add the namespace:

 using System.Web.Security;

In order to unauthorize a user, you must perform:

  FormsAuthentication.SignOut();