Authenticating users
To authenticate a user you must perform the following:
- Acquire the username and the password.
Make the user input his username and password.
- Authenticate the user.
To authenticate the user, call the AuthenticateUser static method of the SecurityManager and pass the required arguments. The method returns a enumeration value of type UserLoggingReason. The enumeration has the following values:
- Success
The user is successfully authenticated.
- UserLimitReached
The limit of maximum simultaneous logged in users is reached.
- UserNotFound
User cannot be found in any provider.
- UserLoggedFromDifferentIp
User is already logged in from different IP address.
- SessionExpired
Indicates that the user’s session has expired.
- UserLoggedOff
The user have the authentication cookie, but is not logged in the database or is already logged out.
- UserLoggedFromDifferentComputer
More than one user are trying to login from the same IP but from different computers.
- Unknown
The username or the password is invalid.
- NeedAdminRights
The user is not administrator to logout other users.
- UserAlreadyLoggedIn
User already is logged in. You need to ask the user to logout someone or himself.
- UserRevoked
User was revoked. The reason is that the user was deleted or user rights and role membership was changed.
The AuthenticateUser method accepts the following parameters:
- membershipProviderName
Represents the name of the membership provider for the user. To specify the default provider pass null.
- username
Represents the username of the user.
- password
Represents the password of the user.
- persistent
Specify whether the user to be remembered on this computer.
TIP: You can wrap these parameters inside an instance of the Credentials class.
Here is a code example:
public static UserLoggingReason AuthenticateUser(string username, string password)
{
UserLoggingReason result = SecurityManager.AuthenticateUser(null, username, password, true);
return result;
}