Since on the home page must be the login form (I decided to rename it to Login.aspx)
Visual studio has a Login control designed especially for this purpose.
Everybody knows that login form have to work aside with data tables.
Fortunately there is a way to create quickly all those tables:
There is built in tool for creating: users, roles and passowrds in Visual Studio named Web Tool.
You can start it from Solution Explorer window: After Selecting the Project node click the:
Or you can place the login control (as i did) and you can start this tool from the control itself .
This tool gives you the simple interface there you can add users, define roles and permissions.
This is how i defined two roles:
Sims very simple business...
But it not so simple.
All the roles users and their passwords are automatically stored in database named ASPNETDB.mdf. This database appears after you run the Webtool and created your configuration
And it not so simple to configure the Visual Studio in the way it will create all the membership stuff in my database.
Here
you can read about how to make membership tables in the same database
So now i have two Databases: M-survey.mdf and ASPNETDB.mdf. Until now it not a big problem, so let it stay this way…
I made two directories to plase there pages that be visible only to registered users:
I made two directories to plase there pages that be visible only to registered users:
The premissions that i gave make the pages in Admin directory be visible only to adminstrator, and pages in Users directory are visible only to 'members'.
web.config page:
<authentication mode="Forms">
<forms loginUrl="login.aspx"
defaultUrl="Users/Default.aspx"/>
</authentication>
This code makes the authenticated user to go firstly to users default page
protected void Page_Load(object sender, EventArgs e)
{
if (User.Identity.IsAuthenticated)
{
if (User.IsInRole("Administrator"))
{
Response.Redirect("../Admin/Admin.aspx");
}
}
}
This code i place at users\default page (Survey), To make user (if the user is Administrator) - to be redirected to Admin\Admin.aspx
web.config:
<location path="Admin">
<system.web>
<authorization>
<allow roles="Administrators"/>
<deny users="*"/>
</authorization>
</system.web>
</location>
<location path="Users">
<system.web>
<authorization>
<allow roles="members"/>
<deny users="*"/>
</authorization>
</system.web>
</location>
This code prevents unauthenticated users to see the user's or administrator's pages
Finally:
So now we have a minimalistic login interface:
from page "login.aspx" users can sign up and be redirected to empty (meanwhile) "Default.aspx" page, whereas administrator, after signing up will see the Admin.aspx page.
Here you can download the source link
No comments:
Post a Comment