[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 203
  • Last Modified:

Login Design Issue.

Hi folks,

I am working on a database autentication with SQL server. I am wondering there are quite a few people turning there cookies off.
What would be the best approach to setup a login page from a professional point of view and why?

0
mathieu_cupryk
Asked:
mathieu_cupryk
  • 3
  • 2
1 Solution
 
cambo1982Commented:
hey mathieu,

I've just recently had to do this ASP.NET

They way i went about was to create a database table called SessionIDs (for storing a SessionID, UserID & IsActive) and a table called Users (for storing userid, username, password)

From that you can setup a login page with the following logic.
if (SessionVariable set) && (is valid session)
  // draw Logged in page
else if (SessionVariable set) && (is expired session)
 // draw Login Again Page
else if (post details sent) && (invalid login)
 // draw Login Again Page
else if (post details sent) && (valid login)
 // draw LoggedInPage & Set Session Variables SessionID + Active = 1 in the database.
else (not post details sent)
 // draw default login page

You can make the setup more complex by adding a timestamp for "lastChecked" to the sessionid table so everytime you revalidate it you can check to see if the page has been sitting idle for X number of minutes...

As for the cookie point of view... well theres not alot you can do to force people to use cookies... Perhaps theres a way to check the Internet Browsers Use_Cookie_Status and popup a message advising them to turn on cookies for your site.
0
 
mathieu_cuprykAuthor Commented:
I see exactly what you mean and this is a very good approach. But I cannot see a clear picture. Do you have your site up?

0
 
cambo1982Commented:
Unfortunately not in a publically viewable location, the project I worked on was for a Company Intranet.

I have a logic layout document on my other PC tho for the login system, and I'll put that document in a publically viewable place later tonight and post the URL.

EoinC
0
 
mathieu_cuprykAuthor Commented:
Sure just email me at macupryk@videotron.ca I would love to see it.
0
 
mathieu_cuprykAuthor Commented:
Points increased.
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now