Menu
I am trying to get the Membership Provider to work.
So far I have:
<asp:Login ID="Login1" runat="server" OnAuthenticate="Login1_Authenticate"> </asp:Login> calling :
protected void Login1_Authenticate(object sender, AuthenticateEventArgs e) { if(Membership.ValidateUser(Login1.UserName, Login1.Password)) { Response.Redirect("/admin/default.aspx"); // Set the user as logged in? } } If I enter the correct login/password, the ValidateUser function returns true. So my question is: how do I set the user as logged in?
I am testing this in my pages doing :
protected void Page_Load(object sender, EventArgs e) { if ( Membership.GetUser()==null) { Response.Redirect("/admin/login.aspx"); } // else "you are logged in, congratulations" } I would have used the default functions, but it is just not working and a google search made me think that I will save time by actually recoding all that myself.
Anything will help!
EDIT: Regarding the accepted answer, it is the correct one for "how to set the user as logged in" and works fine. It didn't fixed my specific problem but only a part of it. Thought if you look thought the comments you will find interesting pointers.
EDIT 2 and solution: Ok I finally worked it out thanks to all the comments. Here is what I did, it's simpler than what I expected :
Page that checks login state:
protected void Page_Load(object sender, EventArgs e) { if ( !Request.IsAuthenticated) { Response.Redirect("/admin/login.aspx"); } Log out:
protected void LoginStatus1_Logout(object sender, LoginCancelEventArgs e) { FormsAuthentication.SignOut(); Response.Redirect("/admin/login.aspx"); } } web.config:
<authentication mode="Forms" /> login:
protected void Login1_Authenticate(object sender, AuthenticateEventArgs e) { if(Membership.ValidateUser(Login1.UserName, Login1.Password)) { FormsAuthentication.SetAuthCookie(Login1.UserName, true); Response.Redirect("/admin/default.aspx"); } } 
692
The ASP.NET membership provider is a feature that enables ASP.NET developers to create Web sites that allow users to create unique user name and password combinations. With this facility, any user can establish an account with the site, and sign in for exclusive access to the site and its services.
Forms authentication enables user and password validation for Web applications that do not require Windows authentication. With forms authentication, user information is stored in an external data source, such as a Membership database, or in the configuration file for an application.
The membership element is a sub-element of the system. web section. You can enable ASP.NET Membership for an application by directly editing the Web. config file for that application, or you can use the Web Site Administration Tool, which provides a wizard-based interface.
Put this in Login1_Authenticate before calling Response.Redirect("/admin/default.aspx");
FormsAuthentication.SetAuthCookie("username", true); Try moving your code and Gromer's suggestion to the LoggedIn event.
protected void Login1_LoggedIn(object sender, EventArgs e) { if(Membership.ValidateUser(Login1.UserName, Login1.Password)) { FormsAuthentication.SetAuthCookie(Login1.UserName, true); Response.Redirect("/admin/default.aspx"); } } EDIT: Like Gromer said, only do this if you have to execute some business code after the user is logged in and before s/he is redirected.
EDIT EDIT: Visual Studio describes the Authenticate event as, "called to authenticate the user," which implies that the user is not authenticated before the event is called. Thus, you cannot confirm that the user is logged in because s/he has not been authenticated yet.
31
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
