Forms authentication against users in database table Part 92

  • دعنا نشارك هذا :
ترتيب الدرس : 92
المدة : 00:12:38
التحكم :
Text version of the video

Healthy diet is very important both for the body and mind. If you like Aarvi Kitchen recipes, please support by sharing, subscribing and liking our YouTube channel. Hope you can help.


All ASP .NET Text Articles

All ASP .NET Slides

All Dot Net and SQL Server Tutorials in English

All Dot Net and SQL Server Tutorials in Arabic

At the following link, you can find the text version of this video. You will also find the code samples used in the demo.

In Part 90, we have discussed about authenticating users against a list stored in web.config file. In Part 91, we have discussed about, registering users, if they do not have a username and password to log in. In this session, we will disuss about authenticating users against a list stored in a database table.

This is continuation to Part 91. Please watch Part 91, before proceeding with this video. Authenticating users against a list stored in web.config file is very easy. FormsAuthentication class exposes a static method Authenticate(), which does all the hardwork of authenticating users.

Part 90 - Forms authentication using user names list in web.config

Part 91 - Forms authentication in and user registration

If we want to authenticate users against a list stored in a database table, we will have to write the stored procedure and a method in the application to authenticate users.

First let us create a stored procedure, that accepts username and password as input parameters and authenticate users.
Create Procedure spAuthenticateUser
@UserName nvarchar(100)
@Password nvarchar(100)
Declare @Count int

Select @CountCOUNT(UserName) from tblUsers
where [UserName]@UserName and [Password]@Password

Select 1 as ReturnCode
Select -1 as ReturnCode

Copy and paste the following private method in Login.aspx.cs page. This method invokes stored procedure 'spAuthenticateUser'.
private bool AuthenticateUser(string username, string password)
// ConfigurationManager class is in System.Configuration namespace
string CSConfigurationManager.ConnectionStrings["DBCS"].ConnectionString;
// SqlConnection is in System.Data.SqlClient namespace
using (SqlConnection connew SqlConnection(CS))
SqlCommand cmdnew SqlCommand("spAuthenticateUser", con);

// FormsAuthentication is in System.Web.Security
string EncryptedPasswordFormsAuthentication.HashPasswordForStoringInConfigFile(password, "SHA1");
// SqlParameter is in System.Data namespace
SqlParameter paramUsernamenew SqlParameter("@UserName", username);
SqlParameter paramPasswordnew SqlParameter("@Password", EncryptedPassword);


int ReturnCode(int)cmd.ExecuteScalar();
return ReturnCode1;

Invoke AuthenticateUser() method, in the login button click event handler
if (AuthenticateUser(txtUserName.Text, txtPassword.Text))
FormsAuthentication.RedirectFromLoginPage(txtUserName.Text, chkBoxRememberMe.Checked);
lblMessage.Text"Invalid User Name and/or Password";

سيتم تفعيل التعليقات قريبا

Sep 23, 2020 07:32:24