Create data table in sql server by the following query
create proc SP_Authenticate_User
@u_Name nvarchar(200),
@u_Password nvarchar(200)
as
begin
Declare @Count int
select @Count=COUNT(u_Name) from tblUser
where u_Name=@u_Name
and u_Password=@u_Password
if(@Count=1)
begin
select 1 as ReturnCode
end
else
begin
select -1 as ReturnCode
end
end
<system.web>
<compilation debug="true" targetFramework="4.6"/>
<httpRuntime targetFramework="4.6"/>
<authentication mode="Forms">
<forms loginUrl="Login.aspx" defaultUrl="Welcome.aspx">
<credentials passwordFormat="Clear">
</credentials>
</forms>
</authentication>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
Add Login.aspx web form and add the following code.
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title></title>
</head>
<body>
<form id="form1" runat="server">
<div>
<table>
<tr>
<td>User Name:</td>
<td><input type="text" id="txtUserName" runat="server" /> </td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" id="txtPassword" runat="server" /> </td>
</tr>
<tr>
<td colspan="2">
<asp:Label ID="lblError" runat="server"></asp:Label>
</td>
</tr>
<tr>
<td><asp:Button ID="btnLogin" runat="server" Text="Login" OnClick="btnLogin_Click" /></td>
<td><asp:Button ID="btnCancel" runat="server" Text="Cancel" /></td>
</tr>
</table>
</div>
</form>
</body>
</html>
create table tblUser(
id int identity(1,1) primary key,
u_Name nvarchar(200),
u_Password nvarchar(200),
u_Email nvarchar(200)
)
Now create the store procedure for login authentication
Now create the store procedure for login authentication
create proc SP_Authenticate_User
@u_Name nvarchar(200),
@u_Password nvarchar(200)
as
begin
Declare @Count int
select @Count=COUNT(u_Name) from tblUser
where u_Name=@u_Name
and u_Password=@u_Password
if(@Count=1)
begin
select 1 as ReturnCode
end
else
begin
select -1 as ReturnCode
end
end
<system.web>
<compilation debug="true" targetFramework="4.6"/>
<httpRuntime targetFramework="4.6"/>
<authentication mode="Forms">
<forms loginUrl="Login.aspx" defaultUrl="Welcome.aspx">
<credentials passwordFormat="Clear">
</credentials>
</forms>
</authentication>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
Add Login.aspx web form and add the following code.
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title></title>
</head>
<body>
<form id="form1" runat="server">
<div>
<table>
<tr>
<td>User Name:</td>
<td><input type="text" id="txtUserName" runat="server" /> </td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" id="txtPassword" runat="server" /> </td>
</tr>
<tr>
<td colspan="2">
<asp:Label ID="lblError" runat="server"></asp:Label>
</td>
</tr>
<tr>
<td><asp:Button ID="btnLogin" runat="server" Text="Login" OnClick="btnLogin_Click" /></td>
<td><asp:Button ID="btnCancel" runat="server" Text="Cancel" /></td>
</tr>
</table>
</div>
</form>
</body>
</html>
add the following c# code into Login.aspx.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.Security;
namespace authenticate
{
public partial class Login : System.Web.UI.Page
{
public static string StringCon = null;
SqlConnection conn = null;
public static string StringCon = null;
SqlConnection conn = null;
protected void Page_Load(object sender, EventArgs e)
{
StringCon = ConfigurationSettings.AppSettings["ConnectionString"];
conn = new SqlConnection(StringCon);
conn = new SqlConnection(StringCon);
}
protected void btnLogin_Click(object sender, EventArgs e)
{
if (authenticateUser(txtUserName.Value, txtPassword.Value))
{
//true=to create a durable cookie(once that is saved across browser session) otherwise false.
FormsAuthentication.RedirectFromLoginPage(txtUserName.Value, false);
}
else
{
lblError.Text = "Wrong User name or password !";
}
{
//true=to create a durable cookie(once that is saved across browser session) otherwise false.
FormsAuthentication.RedirectFromLoginPage(txtUserName.Value, false);
}
else
{
lblError.Text = "Wrong User name or password !";
}
}
protected bool authenticateUser(string userName,string Password)
{
try
{
string sql = "SP_Authenticate_User";
SqlCommand cmd = new SqlCommand(sql, conn);
cmd.CommandType = System.Data.CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@u_Name",userName);
string encripted_Pass = FormsAuthentication.HashPasswordForStoringInConfigFile(Password, "SHA1");
cmd.Parameters.AddWithValue("@u_Password", encripted_Pass);
conn.Open();
int returnCode = (int)cmd.ExecuteScalar();
return returnCode == 1;
}
catch(Exception ex)
{
}
finally
{
conn.Close();
}
return false;
}
protected bool authenticateUser(string userName,string Password)
{
try
{
string sql = "SP_Authenticate_User";
SqlCommand cmd = new SqlCommand(sql, conn);
cmd.CommandType = System.Data.CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@u_Name",userName);
string encripted_Pass = FormsAuthentication.HashPasswordForStoringInConfigFile(Password, "SHA1");
cmd.Parameters.AddWithValue("@u_Password", encripted_Pass);
conn.Open();
int returnCode = (int)cmd.ExecuteScalar();
return returnCode == 1;
}
catch(Exception ex)
{
}
finally
{
conn.Close();
}
return false;
}
}
