How do I check authentication and then redirect user based on the check?

I am using BlogEngine 3.0.. There is no code behind page for default.aspx in the web app. So I am using the site.master.cs in the theme to make the check I need. I need to check to see if the person coming to the page is authenticated and if not redirected to Login. If they are authenticated to check and see if they are an Administrator or a Teacher. If not redirect the user to a page NotAllowed.aspx. Below is the code for the code behind on the site.master.

  protected void Page_Load(object sender, EventArgs e)
  {
      if (!Request.IsAuthenticated)
      {
          Response.Redirect("account/login.aspx");
      }
      else if (!Roles.IsUserInRole("Administrators")) ||
           !Roles.IsUserInRole("Teacher")
      {
          Response.Redirect("account/NotApproved.aspx");
      }      
     
This is what happens:
When I first visit the page I am sent to Login as I should be. When I log on I am just redirected back to Login. It doesn't matter what credentials I use to log in, whethr an administrator's or a teacher's.

This seems simple. I can't see what I am missing. Thanks for your assistance.
bobbellowsAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
CamilliaConnect With a Mentor Commented:
This is how I do it in master page of one of my projects

Aspx page:

 <form action="#" method="post"  id="frm" runat="server" >
    <div id="login_area">
      <fieldset >
        <legend>Member log-in <asp:Literal ID="lmsg" runat="server" ></asp:Literal> </legend> 
      
        
            <asp:Login ID="Login1" Orientation="Horizontal"  LoginButtonStyle-CssClass="submit_text_link" 
            LoginButtonText="Submit"  OnAuthenticate="OnAuthenticate"    LoginButtonType="Link" TitleText=""    DisplayRememberMe="false" 
            TextLayout="TextOnTop"   FailureText="Invalid username or password"  runat="server">
            
             <LayoutTemplate>
               
                <table width="320" border="0" cellspacing="0" cellpadding="0">
                    <tr>
                    <td><label for="username">Username:</label>
                    <asp:TextBox  ID="UserName" runat="server"></asp:TextBox></td>&nbsp;
                    <td ><label for="password">Password:</label>
                    <asp:TextBox  ID="Password"   runat="server"  TextMode="Password"></asp:TextBox></td>
                    </tr> 
                    
                    <tr align="right">
              
                    <td  colspan="2">
                    
                    <asp:LinkButton id="Login" CommandName="Login" CssClass="submit_text_link" runat="server" Text="Submit"></asp:LinkButton></td>
                    </tr>
                    
                    </table>
                                 
             </LayoutTemplate>
                             
            </asp:Login>
      
    
        </fieldset>
       

       <br /> 
     </div> <!--new -->

     <!-- bottom of the page -->
     <div >
            <asp:ContentPlaceHolder  id="MasterContentPlaceHolder1" runat="server">
        
            </asp:ContentPlaceHolder>
     </div>
    </form>

Open in new window


Code behind in Login.master

protected void Page_Load(object sender, EventArgs e)
    {
        //http://msdn.microsoft.com/en-us/library/system.web.ui.webcontrols.login.layouttemplate.aspx

        FindButton(Login1);
        Login1.Focus();
     


    }

    public void FindButton(Control c)
    {//focus on submit button
        foreach (Control b in c.Controls)
        {
            if (b is LinkButton)
            {
                b.Focus();
                frm.DefaultButton = b.UniqueID;
                return;

                
            }
            if (b.HasControls())
            {
                FindButton(b);
            }
        }
    } 


private bool SiteSpecificAuthenticationMethod(string userName, string password)
    {
        
        try
        {
            if (string.IsNullOrEmpty(Login1.UserName) || string.IsNullOrEmpty(Login1.Password))
            {
                lmsg.Text = "<font style='font-size:11px; color:#ff0000'>Username & Password are required.</font>";
                return false;
            }
             if (Membership.GetUser(Login1.UserName) != null)
            {
                bool LockStatus = Membership.GetUser(Login1.UserName).IsLockedOut;
                if (LockStatus)
                {
                    lmsg.Text = "<font style='font-size:11px; color:#ff0000'>Your account is locked.</font>";
                    return false;
                }
            }

            if  (Membership.ValidateUser(Login1.UserName, Login1.Password))
            {
               
                Session["username"] = Login1.UserName;
                ProfileData pd = new ProfileData();

                foreach (var row in pd.LoadOfficeUserNameDetail(Login1.UserName))
                {
                   ///some business logic code for my project goes here
                }
            }

            else
            {
                lmsg.Text = "<font style='font-size:11px; color:#ff0000'>Invalid Username or Password.</font>";
                return false;
            }
        }
        catch (Exception ex)
        {
           // I log exception here
            };

                    return false;
          

        }
        return true;
    }


    public void OnAuthenticate(object sender, AuthenticateEventArgs e)
    {
        bool authenticated = false;
        authenticated = SiteSpecificAuthenticationMethod(Login1.UserName, Login1.Password);

        e.Authenticated = authenticated;

      
        
       
            if (authenticated && Roles.IsUserInRole(Login1.UserName, "Admin")
                Login1.DestinationPageUrl = "~/main/profile/InitialSignup.aspx?pageTitleId=50";
               

    }

Open in new window

0
 
bobbellowsAuthor Commented:
Thanks so much. I can adapt this.
Bob
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.