asp.net membership - approval from admin - asp.net

I am using the asp.net mvc sample app and have expanded it a bit. I use the asp.net membership for login and registration for users.
I now want to change it so when people register, instead of instantly being able to login, it goes to some state where an administrator has to approve it. Once this approval happens, then they can log in.
Is there anything built into asp.net membership stuff that will help me to do this or do I have to code it up from scratch using my own implementation?
I have a few ideas and I don't think this is rocket science but I don't want to reinvent the wheel as I want to ship this as soon as possible.

The MembershipUser class has an IsApproved property. You may set it to false when creating a new user and then set it to true when the admin approves the user.
You have to call Membershi.UpdateUser(user) method after setting the property.

Here's some code to build a collection of un-approved users that can be used as the datasource of a data control like a GridView, DataList, or Repeater:
MembershipUserCollection users = Membership.GetAllUsers();
MembershipUserCollection unapprovedUsers = new MembershipUserCollection();
foreach (MembershipUser u in users)
{
if (!u.IsApproved)
unapprovedUsers.Add(u);
}

The MembershipUser class has an IsApproved property, and during user creation you can use one of the overloads on the Membership.CreateUser function which allows that flag to be set. Unfortunately there's no easy way to say "Show me all users who are not yet validated".

Related

Check if specific user is logged in - ASP.NET

I need to know is there's any way to check wither a specific user is currently logged in like in an admin control panel or something
I know there's
HttpContext.Current.User.Identity.IsAuthenticated
but that doesn't cover what I need it just checks wither the current user is not anonymous
I actually I found a solution for it using
MembershipUser user = Membership.GetUser("username");
bool isLogged = user.IsOnline

User.Identity.IsAuthenticated = field value

In my database table i have a field with usernames.
I want the users that are NOT in that field to be redirected to my default websites.
I dont want the users to be able to copy past the URL for another of my aspx sites only if they are users from my field then its ok
Im looking into User.Identity.IsAuthenticated but how would i combine that with my database field?
If User.Identity.IsAuthenticated = "fieldvalue" then
site1.aspx
Else
Server.transfer("default.aspx)
End If
Should i mabye say something like.
If sqlexecute.hasrows then
Site1.aspx
Else
server.transfere("default.aspx")
End IF
User.Identity.IsAuthenticated is a boolean property and can contain only true/false value. You can just check for truthfulness of IsAuthenticated property and then do the redirection like
if(User.Identity.IsAuthenticated)
{
//redirect to site1.aspx
}
else
{
Server.transfer("default.aspx");
}
EDIT:
You are trying to reinvent the wheel. What you are trying is already built into ASP.NET and known as Forms Authentication
It's very well explained in MSDN. See below MSDN links
Explained: Forms Authentication in ASP.NET 2.0
How to: Implement Simple Forms Authentication

User.Identity.Name no longer retains username of current logged in user after creating new user in ASP.NET?

I am pretty new to asp.net membership classes. Please forgivwe me for asking such a fundamental question. I did a brief search but have not found the answer and I'm running out of time.
I am making use of the LoginName, LogIn and CreateUSerWizard controls.
Everything works fine except when I create a new user. The Login Name immediately changes to the show the name of the new user I created. I store the User.Identity.Name in a Session("user") at log in so I thought I could change the contents of User.Identity.Name by setting it the value of the Session variable in the ActivateStep event of the CompleteWizard Step but User.Identity.Name is read only.
How do I change the content of User.Identity.Name or change the content of LogInName after Creating a new User?
If you're using the CreateUserWizard to create a new user, you'll need to set the LoginCreatedUser property to false.

The best solution to customize page controls based on some roles and settings

I have several pages in asp.net each with lots of controls. I Also have some roles in my application that each has some setting options. Now I want to prepare my page based on these settings. Maybe it’s not too clear, so please take a look at my example.
Example: There are some buttons, some textboxes, some datetime picker, and a chart in a page, now what I want is when a user sees this page, the controls appear and disappear based on the users role. An important thing is that I don’t want to have only visible and invisible controls, in some scenarios I need to show controls with some customizations. For example change chart data source, limit selecting date time and so on.
The first solution that I can think of, is saving the settings in database and after visiting the page by user, the settings fetch from database and based on those, I can customize the controls with conditional phrases (if and else). But I suppose it is not a good approach and my page will get very messy.
Please help me with any better solutions and if you know good references about it, please let me know.
Please see this link...use of ControlAdapters may help you...
Role-based enabling/disabling of controls in asp.net
You must use Thread.CurrentPrincipal.
A. When user login to your application, you attach his identity to thread, for example
string[] rolesArray = .....; //Get roles from dataBase by identity.
Thread.CurrentPrincipal = new YourCustomPrincipal(new YourCustomIdentity("YouName", "..."), rolesArray);
B. And when you navige about your application you test Thread.CurrentPrincipal
IPrincipal threadPrincipal = Thread.CurrentPrincipal;
if(threadPrincipal.Roles.Contains("roleTest"))
{
//Adjust your control
}

asp.net display friends logged in

i want to display friends of a user who are currently logged in.
you need the MembershipProvider.GetAllUsers Method, to get a MembershipUserCollection of all registered users in the application.
Then filter that collection on the property IsOnline of the MembershipUser objects in this collection. (EG with LINQ)

Resources