I am looking at building the login/registration part of a website (ASP.NET) and would like to see some example code or instructions on how to do this properly. For example, how to correctly use cookies and how to encrypt what is stored in the cookie to ensure the session persists until they logout/timeout.

I do not want to use the built-in ASP.NET Membership/Provider stuff as it looks painful to use and not very flexible. Please do not answer with 'This is how easy the ASP.NET Membership/Provider stuff is to use, just check this out and you will use it!' as I don't want to use it!

+1  A: 

Hi Phil,

Don't get me wrong, I'm just wondering what exactly you find painful and not flexible about the ASP.NET providers? I've used them a lot and I find them very flexible. I've even written some custom providers, which is a straightforward process.

If you don't want to use ASP.NET providers, what are your exact requirements? I might help you out if I understand a bit better what you are trying to achieve.

Michael

Michael Ulmann
I want the user to log in with an email/password pair and not using a username/password. This reduces the amount of information they have to remember to log in. The provider implementation only gives username/password as the parameters to use for validation.
Phil Wright
When someone registers using an email address/password combo, I would immediately email that address for confirmation it is valid and expect them to click a link to confirm it. Even better, I could get a new user to provide only an email address to register and then email them their password for subsequent use. That reduces registration to just 1 field. Much better chances of getting them to do that.
Phil Wright
You could achieve the former by having the email address act as username. In this case you might use a custom wizard for registration but you can still take advantage of the rest of the provider implementation such as cookie handling, persistence... Regarding having only an email field to register, I personally find that annoying if I then have to go back to my email to find a password that I for sure do not like just to log in and have to change it. Do you know what I mean?
Michael Ulmann
If you still want to go down the path of implementing a complete custom solution you may want to have a look at how the providers are implemented (e.g. using Reflector). I haven't done custom logins since .NET 2.0 came out. However, I might find an example from prior to 2.0 if you are interested.
Michael Ulmann
If you find anything that would be great. Thanks.
Phil Wright
I take it that you intend to use forms authentication, right?
Michael Ulmann
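
The thread ends at forms authentication without showing any code. The following is an added example, not written by either participant: it issues an encrypted forms-authentication cookie for an email/password login without the Membership provider. `StoredUser`, `EmailLogin`, the iteration count and the 30-minute lifetime are assumptions, and loading the user record by email is left to the caller.

```csharp
using System;
using System.Security.Cryptography;
using System.Web;
using System.Web.Security;

// Hypothetical user record; how it is loaded by email is up to the caller.
public class StoredUser
{
    public string Email;
    public byte[] Salt;          // random per-user salt created at registration
    public byte[] PasswordHash;  // PBKDF2 output saved at registration
    public bool EmailConfirmed;  // set once the emailed confirmation link is clicked
}

public static class EmailLogin
{
    const int Iterations = 100000; // assumed work factor; tune for your hardware

    public static byte[] HashPassword(string password, byte[] salt)
    {
        using (var kdf = new Rfc2898DeriveBytes(password, salt, Iterations))
            return kdf.GetBytes(32);
    }

    // Compares every byte so timing does not reveal where the hashes differ.
    static bool SlowEquals(byte[] a, byte[] b)
    {
        int diff = a.Length ^ b.Length;
        for (int i = 0; i < a.Length && i < b.Length; i++) diff |= a[i] ^ b[i];
        return diff == 0;
    }

    // Returns true and sets the auth cookie when the email/password pair is valid.
    public static bool SignIn(HttpResponse response, StoredUser user, string password)
    {
        if (user == null || !user.EmailConfirmed) return false;
        if (!SlowEquals(HashPassword(password, user.Salt), user.PasswordHash)) return false;

        // The email is the ticket name, so it becomes User.Identity.Name on later requests.
        var ticket = new FormsAuthenticationTicket(
            1, user.Email, DateTime.Now, DateTime.Now.AddMinutes(30), false, string.Empty);
        // Encrypt() protects the ticket with the machineKey settings from configuration.
        var cookie = new HttpCookie(FormsAuthentication.FormsCookieName,
                                    FormsAuthentication.Encrypt(ticket));
        cookie.HttpOnly = true;                          // not readable from script
        cookie.Secure = FormsAuthentication.RequireSSL;  // follows the requireSSL setting
        cookie.Path = FormsAuthentication.FormsCookiePath;
        response.Cookies.Add(cookie);
        return true;
    }

    public static void SignOut() { FormsAuthentication.SignOut(); } // expires the cookie
}
```

This relies on `<authentication mode="Forms">` being set in web.config so that the forms authentication module decrypts and validates the cookie on each request.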