ASP.NET Web Pages - Adding Security
Learn ASP.NET Web Pages by building a web site from scratch.
Part V: Adding Security.
What We Will Do
In this chapter we will:
- Add access restriction security to a web page
Membership, Login, and Security
In the previous chapter we added a registration page and a login page to the web site.
When a membership is registered, the user can login, with his email address and password.
However, user membership and login functions do not automatically restrict (or open) any access to the web site.
Security (access restrictions) has to be added to each of the web pages.
Adding Security to Pages
Access restrictions (security) can easily be added to any web page.
Just put the following code inside the page:
The code above executes an if test, asking if the user is logged in. If not, the user is redirected to the login page.
Preventing Access to the Database
In our example, the page Customers.cshtml, lists customers from the "Northwind" database.
Add the security code at the beginning of the page:
Layout = "Layout.cshtml";
var db = Database.Open("Northwind");
var query = db.Query("SELECT CompanyName,City,Country FROM Customers");
@foreach(var row in query)
The Customers page above, is a copy of the page from the previous chapter about databases. The security code (added at the beginning) is marked red.
You have added security to your web site, using the WebSecurity object.
For a full reference to the WebSecurity object, please visit our WebSecurity Object Reference.
Thank You For Helping Us!
Your message has been sent to W3Schools.