Check user authentication at page load

Question

ok i have another question ! (god! i have so many questions)

i have an application and a user must log-in before he/she can access pages. now once the user logs in i keep the user details in a session variable (say Session["CurrentUser"]).

now if a user tries to jump to a page directly i will check if the Session["CurrentUser"] has a value or not...if not then the user will be directed to the login page...

my problem is that i have done this or rather say written this "Checking Code" on almost all the pages.

what i want is this code to stay on a particular location and i will just access that method all the time on all the pages...now where should i write this method ??

thank you.

Answer 1

You could put it in a base class which extends Page, then have all your pages codebehinds extend this.

A better solution would be to use the

Application_AuthenticateRequest

pseudo event in the Global.asax. You really shouldn't be using the session either, have you looked at Forms Authentication?

Answer 2

You could create a class that inherits from System.Web.UI.Page and then have all your individual page classes inherit from that. Have you looked at the built in ASP.net forms authentication techniques?

Answer 3

You should take a look at ASP.NET Authentication. This will allow you to secure a section of your website, or individual pages via the web.config file and uses a cookie to handle authentication instead of you checking a session variable.