Using Forms Authentication Ticket in ASP.NET and C#

Categories

Advanced Technologies

User Interface and Themes

Navigator: Home - Tutorials - Website Navigation - Using Forms Authentication Ticket in ASP.NET and C#

Using Forms Authentication Ticket in ASP.NET and C#

ASP.NET Website Navigation Tutorial

Implementing login on your website with Forms Authentication Ticket. C# version.

An easy way to create user login features on your website is to make use of the Forms Authentication Ticket in ASP.NET
We can do this quite simply, and we start off by including the assembly reference:

using System.Data.SqlClient;

Yes, it is possible to find a good web host. Sometimes it takes a while. After trying several, we went with Server Intellect and have been very happy. They are the most professional, customer service friendly and technically knowledgeable host we've found so far.

The ASPX page will look something like this:

User: user<br />
Password: password<br />
<table width="375">

<tr>

<td align="left" colspan="2" style="height: 21px">Please Login:</td>

</tr>
<tr>

<td align="right" style="width: 30%">Username:</td>
<td align="left" style="width: 70%">

<asp:TextBox ID="txtUsername" runat="server"></asp:TextBox></td>

</tr>
<tr>

<td align="right" style="width: 30%">Password:</td>
<td align="left" style="width: 70%">

<asp:TextBox ID="txtPassword" runat="server" TextMode="Password"></asp:TextBox></td>

</tr>
<tr>

<asp:Button ID="btnLogin" runat="server" OnClick="btnLogin_Click" Text="Login" /> </td>

</tr>
<tr>

<asp:Literal ID="litUserData" runat="server"></asp:Literal></td>

</tr>

</table>

</div>
</form>

Need help with Windows Dedicated Hosting? Try Server Intellect. I'm a happy customer!

Finally, we create the following methods to handle the login form.
The code-behind will look something like this:

using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;

public partial class _Default : System.Web.UI.Page
{

protected void Page_Load(object sender, EventArgs e)
{

}

protected void btnLogin_Click(object sender, EventArgs e)
{

switch (UserLogin(txtUsername.Text, txtPassword.Text))
{

case 1:

Session.Abandon();
Login();
break;

case 2:

litUserData.Text = "Bad Password";
break;

case 3:

litUserData.Text = "Unknown User";
break;

}

}

public void Login()
{

FormsAuthenticationTicket objTicket = null;
HttpCookie objCookie = null;
string strReturnURL = null;
objTicket = new FormsAuthenticationTicket(1, txtUsername.Text, System.DateTime.Now, DateTime.Now.AddMinutes(60), false, Session.SessionID);
objCookie = new HttpCookie(".ASPXAUTH");
objCookie.Value = FormsAuthentication.Encrypt(objTicket);
Response.Cookies.Add(objCookie);
strReturnURL = Request.QueryString["ReturnURL"];
if (strReturnURL != null)

Response.Redirect(strReturnURL);

else

Response.Redirect("Default2.aspx", false);

}

public int UserLogin(string strUsername, string strPassword)
{

int iReturnValue = 0;

SqlConnection con1 = new SqlConnection(ConfigurationManager.AppSettings["ConnString"]);
SqlCommand cmd = new SqlCommand("spAuthAdminUser", con1);
cmd.CommandType = CommandType.StoredProcedure;

cmd.Parameters.Add("@username", strUsername);
cmd.Parameters.Add("@password", strPassword);
cmd.Parameters.Add("@ReturnValue", SqlDbType.Int).Direction = ParameterDirection.ReturnValue;
con1.Open();
cmd.ExecuteNonQuery();
iReturnValue = System.Convert.ToInt32(cmd.Parameters["@ReturnValue"].Value.ToString());
con1.Close();
return iReturnValue;

}

Looking for the VB.NET 2005 Version? Click Here!

Looking for more ASP.NET Tutorials? Click Here!

Download Project Source - Enter your Email to be emailed a link to download the Full Source Project used in this Tutorial!

100% SPAM FREE! We will never sell or rent your email address!


Developer Resources