Tuesday, January 11, 2011

Creating & using the SQL Membership Provider in ASP.NET 2

This is a continuation of the previous blog Creating & using the SQL Membership Provider in ASP.NET 1.
In this post we shall cover the use of the Login controls in ASP.NET. They are:-
  1. Login
  2. LoginView
  3. PasswordRecovery
  4. LoginStatus
  5. LoginName
  6. CreateUserWizard
  7. ChangePassword
The default Login Page.
ASP.NET requires that we have a default login page. There are two ways of assigning this:-
  • Name a page as Login.aspx
  • Add the following code to the web.config file.
<authentication mode="Forms">
            <forms loginUrl="mylogin.aspx" />
        </authentication>
This will assign mylogin.aspx as the default login page, instead of Login.aspx.



The Login control.

The Login control is used for logging in an user to a ASP.NET website. Be careful not to create the Authenticate event, in which case you have to perform the authentication through code(A part which we shall cover next).We need to set the DestinationPageUrl to which the user shall be directed on successful Login.
Here is the code for the Login Page.
Login.aspx
<%@ Page Language="C#" AutoEventWireup="true"  CodeFile="Login.aspx.cs" Inherits="_Default" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title>Login Page</title>
</head>
<body>
    <form id="form1" runat="server">
    <div>
   
        <asp:Login ID="Login1" runat="server" DestinationPageUrl="~/Welcome.aspx">
        </asp:Login>
   
    </div>
    </form>
</body>
</html>

Login.aspx.cs
using System;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;

public partial class _Default : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {

    }
  
}


The CreateUserWizard is used to create a new user.
Registration.aspx


<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Registration.aspx.cs" Inherits="Registration" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title>Registration Page</title>
</head>
<body>
    <form id="form1" runat="server">
    <div>
   
        <asp:CreateUserWizard ID="CreateUserWizard1" runat="server">
            <WizardSteps>
                <asp:CreateUserWizardStep runat="server" />
                <asp:CompleteWizardStep runat="server" />
            </WizardSteps>
        </asp:CreateUserWizard>
   
    </div>
    </form>
</body>
</html>



Registration.aspx.cs


using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;

public partial class Registration : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {

    }
}




The LoginView control contains two templates an Anonymous Template for showing content to unauthenticated users, and a LoggedIn Template for showing content to LoggedIn users. In addition we can have templates for different roles(a topic we shall cover in the future). I have placed a LoginView control on the welcome.aspx page. In the Logged In template I have placed a ChangePassword control for changing an existing password. In the anonymous template I have placed the words "Not Logged In". I have also placed a LoginStatus control on the page. This will display an option for Login if no user is logged in.It will display Logout otherwise.
 Here is the code for Welcome.aspx


Welcome.aspx


<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Welcome.aspx.cs" Inherits="Welcome" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title>Untitled Page</title>
</head>
<body>
    <form id="form1" runat="server">
    <div>
   
    </div>
    <asp:LoginView ID="LoginView1" runat="server">
        <LoggedInTemplate>
            <asp:ChangePassword ID="ChangePassword1" runat="server">
            </asp:ChangePassword>
        </LoggedInTemplate>
        <AnonymousTemplate>
            Not Logged In
        </AnonymousTemplate>
    </asp:LoginView>
    <asp:LoginStatus ID="LoginStatus1" runat="server" />
    <asp:LoginName ID="LoginName1" runat="server" />
    </form>
</body>
</html>

Welcome.aspx.cs


using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;

public partial class Welcome : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {

    }
}



The PasswordRecovery control requires  configuration of smtp server. Place the following code in the web.config file

<system.net>
        <mailSettings >
            <smtp>
                <network host="localhost" port="25"   defaultCredentials ="true"/>
            </smtp>
        </mailSettings>
       
    </system.net>


    The password recovery control requires an EMail account to be configured. Here is the code:-
<asp:PasswordRecovery ID="PasswordRecovery1"
            style="position:absolute; top: 282px; left: 280px;" runat="server">
            <MailDefinition From="webmaster@supermail.com">
            </MailDefinition>
        </asp:PasswordRecovery>





Here is the code for the PasswordRecovery.aspx page that contains a PasswordRecovery Control.
PasswordRecovery.aspx
 <%@ Page Language="C#" AutoEventWireup="true" CodeFile="PasswordRecovery.aspx.cs" Inherits="PasswordRecovery" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title>Password Recovery Control</title>
</head>
<body>
    <form id="form1" runat="server">
    <div>
  
    </div>
    <asp:PasswordRecovery ID="PasswordRecovery1" runat="server">
        <MailDefinition From="webmaster@supermail.com">
        </MailDefinition>
    </asp:PasswordRecovery>
    </form>
</body>
</html>
 The Registration Page in action:-

The Login Page in action:-

The Welcome Page after Login:-
The PasswordRecovery Page in action:-

In a future post we shall use the Roles API, and also use the Membership API through code.
Posted by at
Labels: , , , ,

3 comments:

  1. UnknownJanuary 31, 2011 at 10:09 PM

    sir, i m consistently reading your blogs and i really appreciate your blogs.... actually i need your help, could u tell me how can i set IP address in MYSQL from localhost to computer's IP???? sir plz reply me at vaibhav.offcial2010@gmail.com, I will be very thankful to you....

    ReplyDelete
  2. chandu sonkarFebruary 19, 2011 at 1:04 PM

    good After noon sir
    i read your every blog but this is very good & useful ;
    sir i need your help, i have a question
    i want to make a password strength(barindicator) in asp.net using ajax.
    please help sir
    chandu kumar
    kachhawa road
    varanasi
    chandu.bbau@gmail.com

    ReplyDelete
  3. vishal singhApril 28, 2013 at 10:31 AM

    For password strength(barindicator) no need to use Ajax you can do this using client side javascript code. But before you have mad rule for password strngth.

    thanks
    Vishal Singh
    Director
    PR Infosystem Pvt. Ltd.
    Varanasi

    ReplyDelete

Subscribe to: Post Comments (Atom)