Hi ,
i have this Database table(UserID,Name,Surname,Username,Password,Email) and table(RoleID,RoleName,Description) and table(UserID,RoleID )so i create a Login Authentication with username and password to access to the application (with Linq ToSql to store data) and it is right .
Now i wish create a role for each user but i don't know how work out it ...i saw some features about it but refer to web.app ..
I post the code of the procedure that apply to login:enter code here
public partial class Window1 : Window
{
public Window1()
{
InitializeComponent();
}
public bool ValidateApplicationUser(string userName, string password)
{
{
var AuthContext = new DataClasses1DataContext();
var query = from c in AuthContext.Users
where (c.Username == userName.ToLower() && c.Password == password.ToLower())
select c;
if(query.Count() != 0 )
{
return true;
}
return false;
}
}
private void mahhh(object sender, RoutedEventArgs e)
{
bool authenticated = true;
{
if (usernameTextBox.Text !="" && passwordTextBox.Text != "")
{
authenticated = ValidateApplicationUser(usernameTextBox.Text , passwordTextBox.Text);
}
}
if (!authenticated)
{
MessageBox.Show("Invalid login. Try again.");
}
else
{
MessageBox.Show("Congradulations! You're a valid user!");
Window3 c = new Window3();
c.ShowDialog();
this.Close();
}
}
}
Now i don't know how implement a method(code) to assign a role to the user :( .. Do you have any idea or suggest to make it right?
Thanks ...have a nice day.
Bye
-
First, try not to store passwords in the database; it is better to store a hash. I'm not quite sure what you mean "assign a role to the user" - are you having difficulty getting the role from the db? Or are you unsure what to do with it afterwards? If the latter, the "principal" is the way to go; at the simplest level:
string username = ... string[] roles = ... Thread.CurrentPrincipal = new GenericPrincipal( new GenericIdentity(username), roles);
Now you can use role-based security, either declarative or imperative.
Declarative:
[PrincipalPermission(SecurityAction.Demand, Role="ADMIN")] public void Foo() { // validated automatically by the .NET runtime ;-p }
Imperative:
static bool IsInRole(string role) { IPrincipal principal = Thread.CurrentPrincipal; return principal != null && principal.IsInRole(role); } ... bool isAdmin = IsInRole("ADMIN");
JayJay : Hi Marc, my purpose is for example i have a username "employee1" so i will give it the role to access to the application to view only some window and deny to delete,add and edit the database.So after authenticate in the application i wish assign the role for the user"employee1".Thanks for your replyJayJay : Hi MArc sincerely i don't know how go ahead so i ask you if you can post an example (code) to understand better the procedure to work out my trouble.By the way i'm looking also to store a hash .... Have a nice day. ByeMarc Gravell : (have replied to direct e-mail)JayJay : Hi Marc can you explain me where i must put your code following the code of my project? Thanks for your support. ByeMarc Gravell : Usually sandwiched between a login screen and the main screen.JayJay : Thanks Marc ,job done!!! Have a happy day. Bye -
As a supplement to @Marc Gravell's post:
A good article at MSDN "How to: Create GenericPrincipal and GenericIdentity Objects"
0 comments:
Post a Comment