Sheritlw
asked on
How to keep user logged in until they log out.
I have an asp.net 3.5 application where I need to keep the user logged in until they actually click the log out button.
I have searched the internet, but couldn't find a clear answer.
I use forms authentication, but do not use the login control.
From what I understand, expanding the session time, will bog down the system if there are a lot of users. Most of the sites I've visited suggest setting a cookie.
What would be the best way to keep a user logged in and how would I implement it?
Thank you,
I have searched the internet, but couldn't find a clear answer.
I use forms authentication, but do not use the login control.
From what I understand, expanding the session time, will bog down the system if there are a lot of users. Most of the sites I've visited suggest setting a cookie.
What would be the best way to keep a user logged in and how would I implement it?
Thank you,
###Web.config
<sessionState mode="InProc" cookieless="AutoDetect" timeout="60"/>
<authentication mode="Forms">
<forms loginUrl="Login.aspx" cookieless="AutoDetect" timeout="60" defaultUrl="/Stylist/Client_Services.aspx"/>
</authentication>
###Login Form
Protected Sub LoginButton_Click(ByVal sender As Object, ByVal e As System.EventArgs)
If Membership.ValidateUser(txtUserName.Text, txtPassword.Text) Then
If Me.RememberMe.Checked Then
Dim authTicket As FormsAuthenticationTicket = New FormsAuthenticationTicket(txtUserName.Text, True, (12 * 60))
Dim encryptedTicket As String = FormsAuthentication.Encrypt(authTicket)
Dim cookie As HttpCookie = New HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)
cookie.Expires = authTicket.Expiration
HttpContext.Current.Response.Cookies.Set(cookie)
End If
FormsAuthentication.SetAuthCookie(txtUserName.Text, False)
Response.Redirect("/Stylist/Redirecting.aspx?NewStylist=" & Me.HiNewStylist.Value.ToString & "")
Else
Alert.Show("The email and/or password is incorrect. Please retype your login information or click Register for a new account below.")
End If
End Sub
ASKER
Is there somewhere that I need to read this cookie? Like in session timeout?
Thanks
Thanks
you can check for the cookie at the time of validation of user login.
Here are few articles that will provide more options to decide:-
http://msdn.microsoft.com/en-us/magazine/cc300437.aspx
http://www.codeproject.com/Articles/31914/Beginner-s-Guide-To-ASP-NET-Cookies
Here are few articles that will provide more options to decide:-
http://msdn.microsoft.com/en-us/magazine/cc300437.aspx
http://www.codeproject.com/Articles/31914/Beginner-s-Guide-To-ASP-NET-Cookies
ASKER
Great articles! I started reading but it will take me a while to grasp...
So until I can understand how do to keep users logged in whether they close the browser or not, how can I just make sure users stay logged in until they either logout or close the browser?
This application is for hair stylists and there will be a lot of times when the program will be idle, but the page still displayed. I need to make sure that they are able to quickly go back to where they were when they need to use application.
How can I do this?
Thanks
So until I can understand how do to keep users logged in whether they close the browser or not, how can I just make sure users stay logged in until they either logout or close the browser?
This application is for hair stylists and there will be a lot of times when the program will be idle, but the page still displayed. I need to make sure that they are able to quickly go back to where they were when they need to use application.
How can I do this?
Thanks
did you ever see how google does this for you. even if you close the browser, next time when you open it, you will be logged in.
Its cookies mate....
That will give you what you need....
Its cookies mate....
That will give you what you need....
ASKER
Yes, I understand that I just don't know how to implement it.
I know in my login form I place code similiar to...
But since I use sessions, what do I do to keep them logged in. Won't the system log them out when the session expires?
BTW - I am female:-)
Thanks
I know in my login form I place code similiar to...
Response.Cookies("userName").Value = "patrick"
Response.Cookies("userName").Expires = DateTime.Now.AddDays(1)
Dim aCookie As New HttpCookie("lastVisit")
aCookie.Value = DateTime.Now.ToString()
aCookie.Expires = DateTime.Now.AddDays(1)
Response.Cookies.Add(aCookie)
But since I use sessions, what do I do to keep them logged in. Won't the system log them out when the session expires?
BTW - I am female:-)
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I read the MSDN article, it was very interesting, but it was written in 2003.
I am using asp.net 3.5 and from what I understand there are other ways to accomplish this.
In less than an hour, I start paying someone to start beta testing this application.
I really need to get this working right now.
Can you please provide an example of what I need to do?
Thanks
I am using asp.net 3.5 and from what I understand there are other ways to accomplish this.
In less than an hour, I start paying someone to start beta testing this application.
I really need to get this working right now.
Can you please provide an example of what I need to do?
Thanks
You could try the method in example code
below, which uses "setInterval" to refresh
a connection to your secure site every 10
minutes (600,000 milliseconds)
Just place a small .gif file "image_file.gif" on your web site
below, which uses "setInterval" to refresh
a connection to your secure site every 10
minutes (600,000 milliseconds)
Just place a small .gif file "image_file.gif" on your web site
<script type="text/javascript">
window.onload = function() {
setInterval ("refresh_conn( )", 600000 ); // run refresh_conn( ) function every 10 mins
}
function refresh_conn( ) {
var image1 = new Image();
image1.src = "https://yoururl/image_file.gif";
}
</script>
There are different ways to keep the user logged on.
As you know that sessions are not recommended, you can either use cookies or database to store users login information.
If you want to implement it via cookies then you can do like this:
Writing Cookies:
Response.Cookies("userName
Response.Cookies("userName
Dim aCookie As New HttpCookie("lastVisit")
aCookie.Value = DateTime.Now.ToString()
aCookie.Expires = DateTime.Now.AddDays(1)
Response.Cookies.Add(aCook
Reading Cookies:
If Not Request.Cookies("userName"
Label1.Text = Server.HtmlEncode(Request.
End If
If Not Request.Cookies("userName"
Dim aCookie As HttpCookie = Request.Cookies("userName"
Label1.Text = Server.HtmlEncode(aCookie.
End If
You can read more about this over here:
http://msdn.microsoft.com/en-us/library/ms178194.aspx