Login, Session & Authentication
by adminThe login form consists of 2 text boxes and 1 button.
Assume the following:
Txtid holds the username
Txtpass holds the password
The name of the database is XXX.mdb held in folder named db
The name of the table is jacko
The fields are username and passww
The form is named login
The button name is btnenter
Download Code snippet now (PDF)
Later (in another post), you’ll learn how to send an email and check for an existing record – hence, the login form can be extended with a new functionality namely: Retrieve Forgotten Password
Retrieving session value and Authentication
In the login form, the username was stored as a session.
To explain session value retrieval, a simple authentication method is used. Say, you’ve a page but want only user “Karine” to access it. Assume Karine is a staff.
On top of the page (Page_Load), you add the following code:
If Session(”login”) <> “Karine” Then Response.Redirect(”home.aspx”) End If
If “Karine” is not the username, the browser will be redirected to home.aspx.
The same technique can be put on top of every page to avoid users who have not logged in to access some page. In this case, the following snippet can be used (placed behind page_load just like above):
If Session(”login”) <> “” Then Response.Redirect(”login.aspx”) End If
If one has not gone through the login form, one must not be able to access any other page (even by entering the URL in the browser) without being redirected back to login.aspx for proper authentication.
Happy Coding ^_^