LOGIN Control instructions

[Joel914]

I am VERY new to Dot Net and C#.

I am an old FoxPro procedural programmer. The move to C# and DOT NET is a
GIANT move, but I do not think I can NOT put it off any longer.

I am using the login control to make a normal login page for the entire site.

Are there any instructions or help file on how the programmer can use that
control?

For example does this control set any values that can be used to identify
this user when they go to the next page (or any page)?

How do I get this control to check my user table for user name and password?

Then I need to set a company name and access level for that user on every
page.


THANKS
Joel
Houston, TX

 

[ES]

I just use a couple of text boxes, but the "forms authentication" is very cool. When they authenticate, if you need the details, create a userinfo object and stuff it in the session. You can access it from any page then.

so..
In Web.Config, something like this:
<authentication mode="Forms">
<forms name="ccso" loginUrl="~/Login.aspx" protection="All" timeout="30" path="/" />
</authentication>
<authorization>
<deny users="?" />
</authorization>

In login.aspx:
<FORM id="Form1" method="post" runat="server">
<TABLE class="login" align="center">
<CAPTION align="bottom">
Please enter your login information</CAPTION>
<TR>
<TD class="label">
<asp:Label id="Label1" runat="server" EnableViewState="False">Login ID:</asp:Label></TD>
<TD>
<asp:TextBox id="txtLoginID" runat="server" EnableViewState="False" Width="160px"></asp:TextBox></TD>
</TR>
<TR>
<TD class="label">
<asp:Label id="Label2" Runat="server" EnableViewState="False">Password:</asp:Label></TD>
<TD>
<asp:TextBox id="password" Runat="server" EnableViewState="False" Width="160px" TextMode="Password"></asp:TextBox></TD>
</TR>
<TR>
<TD align="center" colSpan="2">
<asp:Button id="Button1" CssClass="submit" runat="server" Text="Submit"></asp:Button></TD>
</TR>
</TABLE>

In the login.aspx postback...
If Page.IsPostBack Then
Try
Dim user As User = New User(txtLoginID.Text, password.Text)
If CInt(user.Login("UserGroupID")) > UserGroup.Executive Then
Throw New LoginException("You are not authorized to access this page.")
End If
Session("User") = user
FormsAuthentication.RedirectFromLoginPage(txtLoginID.Text, False)
Catch ex As LoginException
lblMessage.Text = ex.Message
End Try
End If

Here's a user class...
(This is a quick and dirty one. You could write a more sophisticated class that had nice properties for everything. I just stuff what the stored procedure throws back into a hash table. The SP really just select *'s the user table. This way I have access to all the fields in the db without having to code a property for each.) You can use this like this:
Private _user As User = CType(Session("User"), User)

.... CStr(_user.Login("SalesRepNum"))...

Public Enum UserGroup
Administrator = 1
Executive = 2
Manager = 3
Broker = 4
End Enum

Public Class User
Private _Login As New Hashtable
#Region "GetSet"
Public ReadOnly Property Login() As Hashtable
Get
Return _Login
End Get
End Property
#End Region

Sub New(ByVal LoginName As String, ByVal pwd As String)
Dim conn As SqlConnection = New SqlConnection(ConfigurationSettings.AppSettings("AuthConnectionString"))
Dim cmd As SqlCommand = New SqlCommand
Dim dr As SqlDataReader
Dim parmName As New SqlParameter("@LoginName", SqlDbType.VarChar, 50, "LoginName")
Dim parmPWD As New SqlParameter("@Password", SqlDbType.VarChar, 50, "Password")

cmd.CommandType = CommandType.StoredProcedure
cmd.CommandText = "GetUserByLogin"
cmd.Connection = conn
parmName.Value = LoginName
cmd.Parameters.Add(parmName)
parmPWD.Value = pwd
cmd.Parameters.Add(parmPWD)
conn.Open()

dr = cmd.ExecuteReader(CommandBehavior.CloseConnection)
Try
If dr.HasRows Then
dr.Read()
Dim x As Integer
For x = 0 To dr.FieldCount - 1
_Login.Add(dr.GetName(x), dr.GetValue(x))
Next
Else
Throw New LoginException("User name and password not found.")
End If
Finally
dr.Close()
End Try

End Sub


End Class