I have site with login form on homepage. Login form have remember_me feature. I can't figure out how to convert IS_AUTHENTICATED_REMEMBERED to IS_AUTHENTICATED_FULLY.
I suppose I should use Symfony\Component\Security\Http\RememberMe\AbstractRememberMeServices and method loginSuccess() or autoLogin() but I don't know how…
Why do you need to convert the user's role to IS_AUTHENTICATED_FULLY?
The documentation page How to add "Remember Me" Login Functionality should provide you with all of the information you need to get this working.
Related
How to implement a before filter that asks to confirm a user password to access some routes?
I'd see this when using Laravel (password.confirm middleware) but I could find similar for Symfony.
Thank you.
I can't comment so #alessandro_podo.. I'd try eventlistener but I don't know how to redirecto to login page and back to the current route. #KMAHY that's not what I need.. I don't wanna check isGranted I want to ask for user to enter username/password even if he is logged in.
I want my website to be seen by anonymous users. and i don't want it to have a login /register user part.
i just need one user as administrator and its username and password is chosen manually.
what is the best practice to implement this login part (website has only one user for ever).
my question is how to implement this one user login part, where store username and password and does it need a table in database?
For me - if you're having such a simple system, then merely storing the username / pwd in the web.config is fine.
I'd create a helper class to wrap up talking to the config file (ConfigurationManager.AppSettings on MSDN) and use and evaluate a simple "logon" action.
No table needed.
Finally - make sure you add the AuthoriseAttribute to your controller that will be doing the admin actions...
HTH
Simplest way - just delete the controller and the view responsible for registering new users, change the routing to the login page and you're set.
I am creating a customer module in asp.net website project. i developed login page and from login page i am entering to customer home page. here i am giving menu items like
customerprofile
2.customerpurchased items
3.customervieweditems
4.customerbiilingpage like
here for every page i need used login id that should come directly in pageload.
please any one help me how to pass login user id to above 4 pages.
You should look into authentication for this site. Search on FormsAuthentication using a FormsAuthenticationTicket, or use the newer Memebership and Roles functionality. Do this properly and you really don't "pass" the login aroun, you read it from the HttpContext.Current.User.Identity container.
why not you use Session ? Session is the best case for your scenario. or if you wanted to use Authentication mechanism, then Go for Membership Provider, FormsAuthentication. How To Implement Simple Forms Authentication
Session["UserID"]=yourUseID;
to retreive
var userID=Session["UserID"].ToStrin();
I have one situation. I create a website. Then I put a tab that will link to Facebook authorization login page. Can I pass login parameter(Email,Password) to the Facebook authorization login page?? So that the user can authorize the application without see the authorization login page.
Thanks.
No. You can't do that. It would require the user to give you their facebook password which obviously would be breaking all kinds of terms and conditions. This is what OAuth is for. Check out the documentation on authentication
I'm currently developing an ASP.NET website, and I'm using ASP.NET's built-in Login control with client-side cookie generation for state management.
Unfortunately, as I didn't figure out how to append custom information (generated by other controls on my application) to the Login control self-generated cookie, my application generates an additional cookie to store that additional info. Basically, I have two cookies: one managed by the Login control and another managed by me, programatically.
What I would like to know is if it's possible to merge my additional information into the infrastructure's Login control self-generated cookie. This would prevent some issues with the "sliding timeout" feature that could result on my "custom cookie" expiring with the user being logged in - I could solve this one with a custom HTTP Module to prevent it, but that seems to me as an "inelegant" solution.
Any brilliant mind could help me out with this?
Thanks in advance for your attention and support.
Yes, you can store data in the UserData property of the authentication ticket. Please see the section "Storing the Username of the Admin User Who Logged On As Another User" at https://web.archive.org/web/20210304120451/https://www.4guysfromrolla.com/articles/102208-1.aspx
However, you might find the User Profile system to be more useful. https://web.archive.org/web/20211020111657/https://www.4guysfromrolla.com/articles/101106-1.aspx