Hey Everyone,
I am working on an ASP.NET MVC app, and I have some views which I want to password protect. Not in a username/password forms auth type of way. When a user tries to go to one of these protected pages, I want them to have to put in a password. I came up with a way to do this, I just want to get some validation that it is a good approach.
When a user comes to the protected page, I'm checking a Dictionary stored in Session, if the id of the page is in there and marked as unlocked, they can view the page. If it is not the will be directed to an Unlock page, where they will have to enter the password. Once they enter the valid password, it'll update the Dictionary and they will be able to view the page.
Is the a valid approach or does anyone have a better idea.
Thanks