Login em ASP.NET
Solução para login que não exige programação
Você pode se "inspirar" nesses controles
Não precisa se preocupar com padrões já testados diversas vezes
Exclusivo para ASP.NET
Cuidado para seu website não ficar com uma aparência de "template"
<membership>
<providers>
<add name="accountingProvider"
type="System.Web.Security.SqlMembershipProvider,
System.Web, Version=2.0.3600.0, Culture=neutral,
PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="LocalSqlServer"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="false"
applicationName="/"
requiresUniqueEmail="false"
passwordFormat="Hashed"
description="Configurações de MemberShip"/>
</providers>
</membership>
Implementa interface de autenticação de usuário
The Login control displays a user interface for user authentication. The Login control contains text boxes for the user name and password and a check box that allows users to indicate whether they want the server to store their identity using ASP.NET membership and automatically be authenticated the next time they visit the site.
The Login control has properties for customized display, for customized messages, and for links to other pages where users can change their password or recover a forgotten password. The Login control can be used as a standalone control on a main or home page, or you can use it on a dedicated login page.
If you use the Login control with ASP.NET membership, you do not need to write code to perform authentication. However, if you want to create your own authentication logic, you can handle the Login control's Authenticate event and add custom authentication code.
Permite a visualização de diferentes níveis de informação
The LoginView control allows you to display different information to anonymous and logged-in users. The control displays one of two templates: the AnonymousTemplate or the LoggedInTemplate. In the templates, you can add markup and controls that display information appropriate for anonymous users and authenticated users, respectively.
The LoginView control also includes events for ViewChanging and ViewChanged, which allow you to write handlers for when the user logs in and changes status.
Login para o usuário não-autenticado
Logout para o usuário autenticado
The LoginStatus control displays a login link for users who are not authenticated and a logout link for users who are authenticated. The login link takes the user to a login page. The logout link resets the current user's identity to be an anonymous user.
You can customize the appearance of the LoginStatus control by setting the LoginText and LoginImageUrl properties.
Mostra o nome do usuário logado
The PasswordRecovery control allows user passwords to be retrieved based on the e-mail address that was used when the account was created. The PasswordRecovery control sends an e-mail message containing a password to the user.
You can configure ASP.NET membership to store passwords using non-reversible encryption. In that case, the PasswordRecovery control generates a new password instead of sending the original password to the user.
You can also configure membership to include a security question that the user must answer to recover a password. If you do, the PasswordRecovery control asks the question and checks the answer before recovering the password.
The PasswordRecovery control requires that your application can forward e-mail message to a Simple Mail Transfer Protocol (SMTP) server. You can customize the text and format of the e-mail message sent to the user by setting the MailDefinition property.
Coletar informações de usuários
Criação de novos usuários
The CreateUserWizard control collects information from potential users. By default, the CreateUserWizard control adds the new user to the ASP.NET membership system.
The CreateUserWizard control gathers the following user information:
User name
Password
Confirmation of password
E-mail address
Security question
Security answer
This information is used to authenticate users and recover user passwords, if necessary.
É possivel alterar algumas propriedades da criação do usuário alterando a seção <membership> no web.config
<membership>
<providers>
<add name="accountingProvider"
type="System.Web.Security.SqlMembershipProvider,
System.Web, Version=2.0.3600.0, Culture=neutral,
PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="LocalSqlServer"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="false"
applicationName="/"
requiresUniqueEmail="false"
passwordFormat="Hashed"
description="Configurações de MemberShip"/>
</providers>
</membership>
Permite a troca da senha do usuário
The ChangePassword control allows users to change their password. The user must first supply the original password and then create and confirm the new password. If the original password is correct, the user password is changed to the new password. The control also includes support for sending an e-mail message about the new password.
The ChangePassword control includes two templated views that are displayed to the user. The first is the ChangePasswordTemplate, which displays the user interface used to gather the data required to change the user password. The second template is the SuccessTemplate, which defines the user interface that is displayed after a user password has been successfully changed.
The ChangePassword control works with authenticated and non-authenticated users. If a user has not been authenticated, the control prompts the user for a login name. If the user is authenticated, the control populates the text box with the user's login name.
Dentro do arquivo web.config, configure a autenticação via Forms
<httpModules>
<add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add name="FormsAuthentication" type="System.Web.Security.FormsAuthenticationModule" />
</httpModules>
<authentication mode="Forms">
<forms loginUrl="Default.aspx" protection="All"
timeout="30" name=".ASPXAUTH"
path="/" requireSSL="false"
slidingExpiration="true"
defaultUrl="Default.aspx"
cookieless="UseDeviceProfile"
enableCrossAppRedirects="false">
</forms>
</authentication>
<authorization>
<allow users="?"/>
</authorization>
Na visualização AnonymousTemplate, coloque um texto explicativo e um componente LoginStatus
Na visualização LoggedIn, coloque um texto explicativo e um componente LoginName
<asp:LoginView ID="LoginView1" runat="server">
<LoggedInTemplate>
<asp:LoginName ID="LoginName1" runat="server" FormatString="Olá, {0}!" />
<br />
Só usuários logados podem visualizar este texto!
</LoggedInTemplate>
<AnonymousTemplate>
Bem-vindo à loja virtual do Zé.<br />
Você deve estar logado para visualizar esta página!<br />
<asp:LoginStatus ID="LoginStatus1" runat="server" />
</AnonymousTemplate>
</asp:LoginView>
protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
{
if (Login1.Password == "12345")
{
e.Authenticated = true;
}
else
{
e.Authenticated = false;
}
}