Creating a Login in ASP.NET using a MySQL table July 3, 2008
Posted by tuse in : ASP.NET, Databases , 2 commentsToday we will see how to create a simple login page for your ASP.NET website. Add a new WebForm to your Website. For readabilty, name this as login.aspx
Drag a Login control from the toolbox (Yes, ASP.NET comes with a built-in Login control)
This Login control is really smart and is able to do the validations itself (i.e. checking if username and password are not entered etc..)
What needs to be configured for this control is the manner in which the user authentication will occur.
We will authenticate a user using the data stored in a MySQL database in the ‘login’ table which holds the username and password (We created this table and so should you before trying this out).
Write the following code for the ‘Login1_Authenticate’ method. Double click on the Login control to goto the code window.
' Import the ODBC namespace for MySQL Connection
Imports System.Data.Odbc
Partial Class login
Inherits System.Web.UI.Page
Protected Sub Login1_Authenticate(ByVal sender As Object, ByVal e As System.Web.UI.WebControls.AuthenticateEventArgs) Handles Login1.Authenticate
Dim cn As New OdbcConnection("Driver={MySQL ODBC 3.51 Driver};Server=localhost;Database=mydb; User=root;Password=;")
cn.Open()
Dim cmd As New OdbcCommand("Select * from login where username=? and password=?", cn)
'Add parameters to get the username and password
cmd.Parameters.Add("@username", OdbcType.VarChar)
cmd.Parameters("@username").Value = Me.Login1.UserName
cmd.Parameters.Add("@password", OdbcType.VarChar)
cmd.Parameters("@password").Value = Me.Login1.Password
Dim dr As OdbcDataReader
' Initialise a reader to read the rows from the login table.
' If row exists, the login is successful
dr = cmd.ExecuteReader
If dr.HasRows Then
e.Authenticated = True
' Event Authenticate is true
End If
End Sub
End Class
Now suppose that you have other webpages in your websites and you wish to grant access to these only if a user has authenticated himself. This essentially means that the login page should appear to any anonymous users trying to access the webpage. To do this, we need to change the web.config XML file associated with the website (It is a configuration file which is added by default to all ASP.NET websites). This file can be found from the Solution Explorer (Keyboard Shortcut - Ctrl+Alt+L).
Make the following changes to the authentication tag that already exists in the file to make it look like the following-
Add a authorization tag just after the authentication to make sure anonymous users are denied access to your webpages (Anonymous users are identified by the question mark)
Now when you try to request any page in your website, it shows the login.aspx to authenticate you before allowing you to view its contents.
