I am using the Default Membership Provider that ASP 4.5 WebForms uses (using my own database) and I am facing a problem regarding the login form. I want to make a custom one because I am using a fancy CSS/HTML5 code for it, but using the default control given my Visual Studio just breaks it, and I want to execute some custom code on the login press while also maintaining the controls that Default Membership Provider already brings (like Password Failure count, etc). What method/process should I call or what custom code should I write so that when the user writes the username and password it uses the values of those textboxes for login purposes? I tried dabbling into the Login button of the Login controller but its too limited in scope and the tables still break a bit the design. Any help is greatly appreciated!
As Promised this is the full code I used with some truncations regarding query and stuff:
MembershipCreateStatus status;
string passwordQuestion = "";
string passwordAnswer = "";
if (Membership.RequiresQuestionAndAnswer)
{
passwordQuestion = txtQ.Text;
passwordAnswer = txtA.Text;
}
try
{
MembershipUser newUser = Membership.CreateUser(txtUserName.Text, txtPassword.Text,
txtEmail.Text, passwordQuestion,
passwordAnswer, true, out status);
if (newUser == null)
{
Label1.Visible = true;
Label1.Text = GetErrorMessage(status);
}
else
{
string connect4 = ConfigurationManager.ConnectionStrings["InternalConnection"].ConnectionString;
using (SqlConnection conn4 = new SqlConnection(connect4))
{
string query4 = "INSERT INTO [UserInfo] ([UserName], [ConfirmationToken], [Validated], [FullInfo], [EMail], [SocioNum], [Birthday], [PostalAddress], [Zip], [City], [State], [Phone], [Fullname], [SocialSecurityEncrypted], [JoinDate]) VALUES (@UserName, @ConfirmationToken, @Validated, @FullInfo, @EMail, @SocioNum, @Birthday, @PostalAddress, @Zip, @City, @State, @Phone, @Fullname, @SocialSecurityEncrypted, @JoinDate)";
SqlCommand cmd4 = new SqlCommand(query4, conn4);
));
string s = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
Random r = new Random();
StringBuilder sb = new StringBuilder();
for (int i = 1; i <= 30; i++)
{
int idx = r.Next(0, 35);
sb.Append(s.Substring(idx, 1));
}
string token = Convert.ToString(sb);
cmd4.Parameters.AddWithValue("@ConfirmationToken", (token));
(parameters here)
cmd4.CommandTimeout = 240;
conn4.Open();
cmd4.ExecuteNonQuery();
conn4.Close();
Session["Fullname"] = txtNombre.Text;
Session["token"] = token;
}
//CUSTOM EMAIL CODE
MailMessage mail = new MailMessage();
SmtpClient SmtpServer = new SmtpClient("servername");
mail.From = new MailAddress("[email protected]");
mail.To.Add(txtEmail.Text);
mail.IsBodyHtml = true;
mail.Subject = "Subject";
mail.Body = "HTML CODE HERE while sending token for verification.";
SmtpServer.Port = 25;
SmtpServer.Credentials = new System.Net.NetworkCredential("user", "pass");
SmtpServer.EnableSsl = false;
SmtpServer.Send(mail);
Response.Redirect("~/Login.aspx");
}
}
catch
{
Label1.Visible = true;
Label1.Text = "Erro. Verify info..";
}
}
public string GetErrorMessage(MembershipCreateStatus status)
{
switch (status)
{
case MembershipCreateStatus.DuplicateUserName:
return ".";
case MembershipCreateStatus.DuplicateEmail:
return ".";
case MembershipCreateStatus.InvalidPassword:
return "Password invalid.";
case MembershipCreateStatus.InvalidEmail:
return "";
case MembershipCreateStatus.InvalidAnswer:
return "";
case MembershipCreateStatus.InvalidQuestion:
return "";
case MembershipCreateStatus.InvalidUserName:
return "Invalid";
case MembershipCreateStatus.ProviderError:
return "Error";
case MembershipCreateStatus.UserRejected:
return "The user creation request has been canceled. Please verify your entry and try again. If the problem persists, please contact your system administrator.";
default:
return "An unknown error occurred. Please verify your entry and try again. If the problem persists, please contact your system administrator.";
}
}
}
}
What this does it registers the ASP.NET Default Membership provider but I created a second table for further information and as well a ConfirmationToken that generates and is sent by email to the user, who then clicks the confirmation like and a confirmation page reads the URL parameters and if it validates it turns on a boolean in the UserInfo table. In the login process before the actual ASP memebrship login I have a user verification query that verifies if the user is already validated, and if so it continues with the default asp membership login.