locked
how to check user if logged in or not RRS feed

  • Question

  • User-1634604574 posted

    how to check if user logged in or not if not logged in go back to login page

    Thursday, March 14, 2019 8:36 AM

All replies

  • User475983607 posted

    zhyanadil.it@gmail.com

    how to check if user logged in or not if not logged in go back to login page

    You've asked similar questions in previous threads and we've provided links to resources.  I strongly recommend that you set aside the time to actually go through the openly published security tutorials. 

    The default Visual Studio templates have the requested capability.  This functionality is built-in and simply a selection in the new project wizard.

    https://docs.microsoft.com/en-us/aspnet/identity/overview/getting-started/introduction-to-aspnet-identity

    Thursday, March 14, 2019 1:35 PM
  • User-2054057000 posted

    how to check if user logged in or not if not logged in go back to login page

    You have to implement authentication system. I strongly suggest you to use Identity Management System which is very easy to use in ASP.NET Web Forms, ASP.NET MVC and ASP.NET Core projects.

    Thursday, March 14, 2019 3:51 PM
  • User753101303 posted

    Hi,

    Or use https://docs.microsoft.com/en-us/aspnet/visual-studio/overview/2013/creating-web-projects-in-visual-studio#authentication-methods and study the default template that you could reuse entirely or partially. As pointed already ASP.NET does this for you ie you can :
    - use a global authorize folder so that by default all your MVC app requires authentication
    - then allow Anonymous accesss only where needed
    - if a user needs to access an authenticated area ASP.NET will create a 401 error which will be handled by directing the user to the login page (configured in the web.config file)

    Thursday, March 14, 2019 4:15 PM
  • User-1634604574 posted

    but i tested that previous answer but was not correct answer

    Friday, March 15, 2019 7:14 AM
  • User1520731567 posted

    Hi zhyanadil.it@gmail.com,

    how to check if user logged in or not if not logged in go back to login page

    In ASP.NET MVC you restrict access to methods using the Authorize attribute. In particular,

    you use the Authorize attribute when you want to restrict access to an action method and make sure that only authenticated users can execute it. 

    According to your requirement,I suggest you could use [Authorize],for example:

    [Authorize]
    public ActionResult Index()
    { 
       ...
    }

    or

    [Authorize]
    public class HomeController 
    { 
       public ActionResult Index() 
       { 
          ... 
       } 
       ...
    }

    If a user did not login, then the Authorize attribute prevents access to the method and redirects the user to the login URL.

    More details,you could refer to:

    https://www.red-gate.com/simple-talk/dotnet/asp-net/thoughts-on-asp-net-mvc-authorization-and-security/

    Best Regards.

    Yuki Tao

    Friday, March 15, 2019 7:28 AM
  • User753101303 posted

    Ah as I said earlier it seems you are confusing the browser session and user authentication ? Or it is in some another discussion ?

    When an advice doesn't work tell what happens in the same thread so that we can move forward. I would suggest to create an app using one of the available default template as suggested earlier and check it it works fine for you.

    If ok you'll reproduce that in your app and you have pretty much 4 things to look at :
    - globally requiring authentication
    - allow anonymous access at particular place
    - configuring the login page
    - matching authenticated users to accounts stored in the database (uses ASP.NET Identity)

    It's pretty much all you need and it as most if not all ASP.NET features it can be still customized rather than entirely changed if you want to customize how it works...

    Friday, March 15, 2019 8:25 AM
  • User475983607 posted

    but i tested that previous answer but was not correct answer

    There is nothing wrong with the previous answers.  The issue is you do not understand the problem or the answer.  You will continue to struggle until you learn how authentication and authorization works in modern web applications.

    If you took the time to got through the linked tutorial as recommended many times, you should have a working application where the username is displayed on ever every page after a successful authentication.  

    Friday, March 15, 2019 1:08 PM