The ASP.NET Portal Starter Kit uses the "Forms" authentication mode. Forms authentication refers to a system in which an unauthenticated request is redirected to an HTML login form. If the application needs to collect its own user credentials through an HTML form at login, Forms authentication is a good fit. The user provides credentials and submits the form. If the application authenticates the request, it issues a cookie that contains the credentials or a key for re-acquiring the identity. Subsequent requests then carry this cookie in the request header. The ASP.NET event handler authenticates and authorizes the request using whatever verification method the application specifies.
Database Design:
There are three tables related to user roles in the ASP.NET Portal Starter Kit: the user information table, the role table (Portal_Roles) and the user-role relationship table (Portal_UserRoles). User information and role information are managed separately and linked through the user-role relationship table, so one user can have several roles and one role can be held by several users at the same time. The relationship between the three tables is as follows:
Program implementation:
After the user logs in to the ASP.NET Portal Starter Kit, the Application_AuthenticateRequest event in Global.asax.cs is triggered. While the user's identity is being established, it reads the role information of the logged-in user into Context.User. DesktopDefault.aspx then decides whether the current tab may be accessed according to PortalSettings.ActiveTab.AuthorizedRoles (the access attribute of the currently active tab). If it is accessible, the modules under the tab are rendered; otherwise the user is redirected to the access error page (AccessDenied.aspx). When user module information is being edited, the check is whether the user's role is among the editable roles (EditRoles attribute) specified by the module.
Key code:
1. Return the user's roles as a string[] according to the user's email (one element represents one role; one user can have several roles) (Security.cs)

    public string[] GetRoles(string email)
    {
        // Set up the database connection and the stored-procedure command
        SqlConnection myConnection = new SqlConnection(ConfigurationSettings.AppSettings["connectionString"]);
        SqlCommand myCommand = new SqlCommand("Portal_GetRolesByUser", myConnection);
        myCommand.CommandType = CommandType.StoredProcedure;
        SqlParameter parameterEmail = new SqlParameter("@Email", SqlDbType.NVarChar, 100);
        parameterEmail.Value = email;
        myCommand.Parameters.Add(parameterEmail);
        // Open the connection and execute the query with a SqlDataReader
        SqlDataReader dr;
        myConnection.Open();
        dr = myCommand.ExecuteReader(CommandBehavior.CloseConnection);
        // Read the user's role names
        ArrayList userRoles = new ArrayList();
        while (dr.Read())
        {
            userRoles.Add(dr["RoleName"]);
        }
        dr.Close();
        return (string[]) userRoles.ToArray(typeof(string));
    }
2. Check whether the current user is in one of the specified roles (Security.cs)

    public static bool IsInRoles(string roles)
    {
        HttpContext context = HttpContext.Current;
        foreach (string role in roles.Split(new char[] {';'}))
        {
            // The pseudo-role "All Users" matches every user; otherwise ask the principal
            if (role != "" && role != null && ((role == "All Users") || (context.User.IsInRole(role))))
            {
                return true;
            }
        }
        return false;
    }
3. Login verification code (Signin.ascx.cs)

    private void SigninBtn_Click(object sender, System.Web.UI.ImageClickEventArgs e)
    {
        // Try to verify the user through the UsersDB class
        UsersDB accountSystem = new UsersDB();
        string userId = accountSystem.Login(email.Text, PortalSecurity.Encrypt(password.Text));
        if ((userId != null) && (userId != ""))
        {
            // Create an authentication ticket for the given user name and persistence setting
            // and attach it to the cookie collection. This does not perform a redirect.
            // The Application_AuthenticateRequest event in Global.asax.cs then establishes the user's identity.
            FormsAuthentication.SetAuthCookie(email.Text, RememberCheckbox.Checked);
            // Redirect to the start page
            Response.Redirect(Request.ApplicationPath);
        }
        else
        {
            Message.Text = "<br>Login failed!<br>";
        }
    }
4. Application_AuthenticateRequest event in Global.asax.cs

    protected void Application_AuthenticateRequest(object sender, EventArgs e)
    {
        if (Request.IsAuthenticated == true)
        {
            string[] roles;
            // Cache the user's role information in a cookie
            if ((Request.Cookies["portalroles"] == null) || (Request.Cookies["portalroles"].Value == ""))
            {
                // No roles cookie yet: read the roles from the database
                UsersDB user = new UsersDB();
                roles = user.GetRoles(User.Identity.Name);
                // Store the roles as one ";"-separated string (one user can have several roles)
                string roleStr = "";
                foreach (string role in roles)
                {
                    roleStr += role;
                    roleStr += ";";
                }
                // Create a ticket that carries the role information
                FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                    1,                           // version
                    Context.User.Identity.Name,  // user name associated with the ticket
                    DateTime.Now,                // issue time
                    DateTime.Now.AddHours(1),    // expires after one hour
                    false,                       // don't persist the cookie
                    roleStr                      // user-defined data: the ";"-separated role string
                );
                // Encrypt the ticket
                string cookieStr = FormsAuthentication.Encrypt(ticket);
                // Store the encrypted ticket with the role information in the cookie
                Response.Cookies["portalroles"].Value = cookieStr;
                Response.Cookies["portalroles"].Path = "/";
                Response.Cookies["portalroles"].Expires = DateTime.Now.AddMinutes(1);
            }
            else
            {
                // Roles cookie present: read the roles from it
                FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(Context.Request.Cookies["portalroles"].Value);
                ArrayList userRoles = new ArrayList();
                foreach (string role in ticket.UserData.Split(new char[] {';'}))
                {
                    userRoles.Add(role);
                }
                roles = (string[]) userRoles.ToArray(typeof(string));
            }
            // Initialize a new GenericPrincipal from the GenericIdentity and the array of role names
            // (the user represented by the GenericIdentity belongs to these roles)
            Context.User = new GenericPrincipal(Context.User.Identity, roles);
        }
    }
5. The access check in DesktopDefault.aspx: if the current user's role is not among the accessible roles of the current active tab, redirect to the access error page

    if (PortalSecurity.IsInRoles(portalSettings.ActiveTab.AuthorizedRoles) == false)
    {
        Response.Redirect("~/Admin/AccessDenied.aspx");
    }
6. Check whether the user may edit a user module

    public static bool HasEditPermissions(int moduleId)
    {
        string accessRoles;
        string editRoles;
        // Obtain the site settings
        SiteConfiguration siteSettings = (SiteConfiguration) HttpContext.Current.Items["SiteSettings"];
        // Find the row of the specified module in the settings (the Module table of the XML configuration)
        SiteConfiguration.ModuleRow moduleRow = siteSettings.Module.FindByModuleId(moduleId);
        // Roles allowed to edit the specified module
        editRoles = moduleRow.EditRoles;
        // Roles allowed to access the tab the module belongs to
        accessRoles = moduleRow.TabRow.AccessRoles;
        // The user may modify the module only if they can both access its tab and edit the module
        if (PortalSecurity.IsInRoles(accessRoles) == false || PortalSecurity.IsInRoles(editRoles) == false)
            return false;
        else
            return true;
    }
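As an added example (not code from the Portal Starter Kit), the following console program stitches steps 2, 4 and 6 together: it serializes a role array into the ";"-separated string that the roles cookie carries, parses it back, builds the same GenericPrincipal that Application_AuthenticateRequest creates, and runs the IsInRoles and HasEditPermissions rules against it. Two things are assumed so that it runs outside ASP.NET: the principal is passed in as a parameter instead of being read from HttpContext.Current, and the FormsAuthentication.Encrypt/Decrypt step is omitted. The user address and role names are constructed sample data.

```csharp
// Added example, not part of the Portal Starter Kit: role-string round trip and the
// two authorization checks, written over IPrincipal so they run in a plain console app.
using System;
using System.Collections;
using System.Security.Principal;

public class RoleCheckDemo
{
    // Serialize a role array the way Application_AuthenticateRequest does (";"-separated,
    // with a trailing ";").
    public static string BuildRoleString(string[] roles)
    {
        string roleStr = "";
        foreach (string role in roles)
        {
            roleStr += role;
            roleStr += ";";
        }
        return roleStr;
    }

    // Parse the ";"-separated string back into a role array, as the cookie branch does.
    // The trailing ";" yields an empty element; IsInRoles skips empty entries, so it is harmless.
    public static string[] ParseRoleString(string roleStr)
    {
        ArrayList userRoles = new ArrayList();
        foreach (string role in roleStr.Split(new char[] { ';' }))
        {
            userRoles.Add(role);
        }
        return (string[]) userRoles.ToArray(typeof(string));
    }

    // Same rule as PortalSecurity.IsInRoles; the principal is a parameter (assumption made
    // here) instead of HttpContext.Current.User.
    public static bool IsInRoles(IPrincipal user, string roles)
    {
        foreach (string role in roles.Split(new char[] { ';' }))
        {
            // Skip empty entries; "All Users" is a pseudo-role that matches everyone.
            if (role != null && role != "" && ((role == "All Users") || user.IsInRole(role)))
            {
                return true;
            }
        }
        return false;
    }

    // Same rule as HasEditPermissions: the user must both reach the tab and be in an edit role.
    public static bool HasEditPermissions(IPrincipal user, string accessRoles, string editRoles)
    {
        return IsInRoles(user, accessRoles) && IsInRoles(user, editRoles);
    }

    public static void Main()
    {
        // Constructed sample: roles as GetRoles would return them for one user.
        string[] dbRoles = new string[] { "Admins", "Content Editors" };
        string roleStr = BuildRoleString(dbRoles);
        string[] roles = ParseRoleString(roleStr);

        // Build the principal the same way Application_AuthenticateRequest does.
        IPrincipal user = new GenericPrincipal(new GenericIdentity("alice@example.invalid", "Forms"), roles);

        Console.WriteLine("role string: " + roleStr);
        // Tab open to everyone: the "All Users" pseudo-role short-circuits the check.
        Console.WriteLine("tab 'All Users': " + IsInRoles(user, "All Users"));
        // Tab restricted to Admins: decided by the principal's role list.
        Console.WriteLine("tab 'Admins;': " + IsInRoles(user, "Admins;"));
        // Module editable by Admins on a tab open to all.
        Console.WriteLine("edit (All Users / Admins): " + HasEditPermissions(user, "All Users;", "Admins;"));
        // Module editable by Power Users only: the tab is reachable but the edit role is missing.
        Console.WriteLine("edit (All Users / Power Users): " + HasEditPermissions(user, "All Users;", "Power Users;"));
        // Empty role string, e.g. a tab with no AuthorizedRoles configured.
        Console.WriteLine("tab '': " + IsInRoles(user, ""));
    }
}
```

Two points worth keeping in mind when reading the real code above. First, because step 4 caches the role list in a cookie that expires after one minute and only rebuilds it from the database when the cookie is missing, a role removed in Portal_UserRoles stays effective for the rest of that minute; the cache lifetime is the maximum revocation delay. Second, the role list reaches the client only as a ticket produced by FormsAuthentication.Encrypt, and it is read back through FormsAuthentication.Decrypt, so the server is not trusting a plain-text role string from the browser; the authorization decision itself is still made server-side by IsInRoles on every request.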
(I am listing only part of the code here; when I finish it, I will provide a download of the whole site program.)