Form Authentication from SQLServer


Forms authentication lets you authenticate users by using your own code and then maintain an authentication token in a cookie or in the page URL.

Form authentication is cookie based, as ASP.NET places a cookie in the client machine in order to track the user. If the user requests a secure page and has not logged in, then ASP.NET redirects him/her to the login page. Once the user is authenticated, he/she will be allowed to access the requested page.


● Create Your database and Table as "visitor"
log3
●In the web.config, change the mode of authentication to Forms and ConnectionStrings

<?xml version="1.0"?>
<!--
  For more information on how to configure your ASP.NET application, please visit
  http://go.microsoft.com/fwlink/?LinkId=169433
  -->
<configuration>
    <connectionStrings>
  <add name="ConnectionString" connectionString="Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\Database.mdf;Integrated Security=True;User Instance=True"
   providerName="System.Data.SqlClient" />
 </connectionStrings>
 <system.web>
		<compilation debug="true" targetFramework="4.0"/>
   <authentication  mode="Forms">
   </forms>
  </authentication>
	</system.web>
</configuration>

Login Page - login.aspx


log1


<%@ Page Language="C#" AutoEventWireup="true" CodeFile="login.aspx.cs" Inherits="login" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title></title>
     <link href="bootstrap-3.3.5-dist/css/bootstrap-theme.min.css" rel="stylesheet" type="text/css" />
    
</head>
<body>
    <form id="form1" runat="server">
    <div style=" width:400px; margin:10% auto">
        <asp:Login ID="Login1" runat="server" onauthenticate="Login1_Authenticate" 
            TitleText="Log In : codetpoint.com" Width="400px">
                <TitleTextStyle BackColor="Green" ForeColor="Yellow"  Height="40px" Font-Size="1.25em" />
                <LabelStyle CssClass="form-control" />
                <TextBoxStyle CssClass="form-control " />
                <LoginButtonStyle CssClass="btn btn-success" />
       </asp:Login>
    </div>
    </form>
</body>
</html>

Login Page - login.aspx.cs


using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.Security;

using System.Data.SqlClient;
using System.Data;
using System.Configuration;

public partial class login : System.Web.UI.Page
{
    SqlConnection cnn;
    SqlCommand cmd;
    SqlDataReader reader;
    protected void Page_Load(object sender, EventArgs e)
    {
       
          
    }

    protected Boolean verify(String u, String pass)
    {
        Boolean flag = false;
        cnn = new SqlConnection();
        cnn.ConnectionString = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;
        cmd = new SqlCommand();
        cmd.Connection = cnn;
        cmd.CommandType = CommandType.Text;
        cmd.CommandText = "select uname,upass from visitor where uname=@uname and  upass=@upass";

        SqlParameter un = new SqlParameter("@uname", SqlDbType.Char, 50);
        SqlParameter up = new SqlParameter("@upass", SqlDbType.Char, 50);
        un.Value = u;
        up.Value = pass;

        cmd.Parameters.Add(un);
        cmd.Parameters.Add(up);
        cnn.Open();
        reader = cmd.ExecuteReader();
        reader.Read();

        if (reader.HasRows)
        {
            flag = true;
        }

        cnn.Close();
        return flag;

    }
    protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
    {
       
       if (verify(Login1.UserName, Login1.Password)) 
         {
             e.Authenticated = true;
             FormsAuthentication.RedirectFromLoginPage(Login1.UserName, false);

         }
         else
         {
             e.Authenticated = false;
         }

       
    }
}

Welcome Page - welcome.aspx


log2


<%@ Page Language="C#" AutoEventWireup="true" CodeFile="welcome.aspx.cs" Inherits="welcome" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title></title>
     <link href="bootstrap-3.3.5-dist/css/bootstrap-theme.min.css" rel="stylesheet" type="text/css" />
     <link href="bootstrap-3.3.5-dist/css/bootstrap.css" rel="stylesheet" type="text/css" />
</head>
<body>
  <form id="form1" runat="server">
  <table  style="width:100%">
  <tr>
  <td style="width:75%; text-align:left" >
  <div>
  <ul class="nav nav-pills">
  <li class="active"><a href="welcome.aspx">Home</a></li>
  <li ><a href="#">Services</a></li>
  <li><a href="#">Courses</a></li>
  <li ><a href="#">About</a></li>
  </ul>
  </div>
  </td>

  <td  style="width:25%; text-align:left" >
  <div>
  <asp:LoginName ID="LoginName2" runat="server" />|
  <asp:LoginStatus ID="LoginStatus2" runat="server"  onloggingout="LoginStatus1_LoggingOut" />
  </div>
  </td>
  </tr>
 </table>
  </form>
</body>
</html>

Welcome Page - welcome.aspx.cs


using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.Security;
public partial class welcome : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        if (!User.Identity.IsAuthenticated)
        {
            Response.Redirect("login.aspx");
            
        }

    }
    protected void LoginStatus1_LoggingOut(object sender, LoginCancelEventArgs e)
    {
        FormsAuthentication.SignOut();
        FormsAuthentication.RedirectToLoginPage();
      
    }
   
}