locked
ASP.NET Webforms Custom User Authentication Advice Needed (EF6 DBFirst) RRS feed

  • Question

  • User-905656688 posted

    I am currently creating a new webforms app and decided to create a custom but simple Auth system for 2 reasons. 1. The new ASP.NET Identity 2.0 is hard to integrate with EF6 DBFirst and customize. 2. The web app will be private, not a public facing website.

    I already have a Users table that includes Username and Password fields. I also have functions that hash+salt the users password on save. The only other related fields to authentication are ResetKey and DateResetKeySet incase they need to create a new password.

    My main struggle is setting up all pages on the site to be restricted unless logged in. If the login check is successful should I set a User session object or be storing some kind of cookie to give them access to all of the pages? Where would my main check be that says this user is logged in and has access to this page or this user is not logged in redirect to Login.aspx? Also how would I go about giving only certain user roles access to certain pages?

    I know a lot of these questions might be simple but I have a feeling that I am lacking knowledge of certain Webforms authentication features that make my life a lot easier.

    Any templates or recommended links or ideas?

    Tuesday, September 16, 2014 12:13 AM

Answers

All replies