By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
435,389 Members | 2,052 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 435,389 IT Pros & Developers. It's quick & easy.

I need help with something

P: n/a
Ok let me try to explain this as good as I can. I am creating this
application where it contains a userlogin class. The user logs in
before entering the main apploication. I want to do audit trails and I
am trying to figure out how to get the user ID that logged in. Can
anyone help me.

I have samples if anyone needs them.

Oct 1 '06 #1
Share this Question
Share on Google+
11 Replies


P: n/a
Hi Matthew,

Where does the userlogin class get the user's data from?
And what do you mean by user ID? Are you referring to a database column or web service return value, for example?
Or are you just looking for a way to identify the Windows user that logged into your ASP.NET program?
Perhaps you're running a WinForms application that uses LDAP to login its users?

You'll need to supply these answers, at least, if anyone is going to be able to help you.

See Jon's Skeets article: http://www.yoda.arachsys.com/csharp/complete.html
I have samples if anyone needs them.
Might be useful. You'll have to supply more information about the problem at hand if anyone is going to determine the usefulness of
examples.

--
Dave Sexton

"Matthew" <ma******@yahoo.comwrote in message news:11**********************@m73g2000cwd.googlegr oups.com...
Ok let me try to explain this as good as I can. I am creating this
application where it contains a userlogin class. The user logs in
before entering the main apploication. I want to do audit trails and I
am trying to figure out how to get the user ID that logged in. Can
anyone help me.

I have samples if anyone needs them.

Oct 1 '06 #2

P: n/a
Hey Dave,

This is a windows application first and foremost and I am using C#.
the userlogin class is a seperate class by itself, the ID is one of the
public properties of the userlogin class.

The logic goes like this.

The application starts up and the login screen loads up. The user
enters their ID and password, and presses llogin button, where the
userlogin class does the authentication. and if the authentication
passes then the login screen unloads and themain screen loads.
USERLOGIN CLASS:

namespace RegIT.RegitClasses
{
/// <summary>
/// Summary description for UserLogin.
/// </summary>
///

public class regitUserLogin
{
private int uloginID;
private string uloginEmpNumber;
private string uloginPassword;
private string uloginCreateDate;
private string uloginChangeDate;
private string uloginChangeBy;
private regitUserLogin[] uloginList;
private string strEncrKey = "m74r95c96=";
public string PassWordHash;

public int ID
{
get{return uloginID;}
set{uloginID = value;}
}
public string EmpNumber
{
get{return uloginEmpNumber;}
set{uloginEmpNumber = value;}
}
public string Password
{
get{return uloginPassword;}
set
{
uloginPassword = value;
uloginPassword = EncryptedPassword;
}
}
public string CreateDate
{
get{return uloginCreateDate;}
set{uloginCreateDate = Convert.ToString(value);}
}
public string ChangeDate
{
get{return uloginChangeDate;}
set{uloginChangeDate = Convert.ToString(value);}
}
public string ChangeBy
{
get{return uloginChangeBy;}
set{uloginChangeBy = value;}
}
public regitUserLogin[] LoginList
{
get{return uloginList;}
set{uloginList=value;}
}
private string EncryptedPassword
{

get{return Encrypt(strEncrKey, out uloginPassword);}
}

protected string Encrypt(string EncryptionKey,out string
uloginPassword)
{
byte[] byteKey = Encoding.UTF8.GetBytes(EncryptionKey);
string regitPWD = Password;
HMACSHA1 hmac = new HMACSHA1(byteKey);

byte[] bytePWD = Encoding.UTF8.GetBytes(regitPWD);
byte[] byteHash = hmac.ComputeHash(bytePWD);
uloginPassword = Convert.ToBase64String(byteHash);

return uloginPassword;
}

public bool regitAuthenticateLogin(string EmpNumber, string Password)
{
regitDatabase regitDB = new regitDatabase();
SqlParameter[] regitParams = new SqlParameter[2];
SqlDataReader regitDR = null;
try
{
string compareENum = "";
string compareEPwd = "";

regitParams[0] = regitDB.regitMakeParameter("@EmpNumber",
Convert.ToString(EmpNumber).Trim());
regitParams[1] = regitDB.regitMakeParameter("@EmpPassword",
Convert.ToString(Password).Trim());
regitDB.regitRunProcedure("regit_sp_Get_UserLogin_ Authentication",
regitParams, ref regitDR);

while(regitDR.Read())
{
compareENum = regitDR["emp_Number"].ToString();
compareEPwd = regitDR["emp_Password"].ToString();
}
regitDR.Close();
regitDB.regitConnectionClose();
regitDB.regitConnectionDispose();

if(compareENum==EmpNumber && compareEPwd==Password)
{
return true;
}
else
{
return false;
}
}
catch(Exception ex)
{
throw(ex);
return false;
}
finally
{
regitDR.Close();
regitDB.regitConnectionClose();
regitDB.regitConnectionDispose();
regitParams = null;
}
}
public bool regitCreateLogin(string EmpNumber, string Password)
{
regitDatabase regitDB = new regitDatabase();
SqlParameter[] regitParams = new SqlParameter[2];

try
{
regitParams[0] = regitDB.regitMakeParameter("@EmpNumber",
EmpNumber);
regitParams[1] = regitDB.regitMakeParameter("@EmpPassword",
Password);
regitDB.regitRunProcedure("regit_sp_Add_UserLogin" , regitParams);

return true;
}
catch(SqlException sqlex)
{
throw(sqlex);
}
catch
{return false;}
finally
{
regitParams = null;
regitDB.regitConnectionClose();
regitDB.regitConnectionDispose();
}
}
}
}

Oct 1 '06 #3

P: n/a
Hi Matthew,

Your "logic" sounds fine but you haven't asked any questions yet. What do you need help with?

--
Dave Sexton

"Matthew" <ma******@yahoo.comwrote in message news:11**********************@m7g2000cwm.googlegro ups.com...
Hey Dave,

This is a windows application first and foremost and I am using C#.
the userlogin class is a seperate class by itself, the ID is one of the
public properties of the userlogin class.

The logic goes like this.

The application starts up and the login screen loads up. The user
enters their ID and password, and presses llogin button, where the
userlogin class does the authentication. and if the authentication
passes then the login screen unloads and themain screen loads.
USERLOGIN CLASS:

namespace RegIT.RegitClasses
{
/// <summary>
/// Summary description for UserLogin.
/// </summary>
///

public class regitUserLogin
{
private int uloginID;
private string uloginEmpNumber;
private string uloginPassword;
private string uloginCreateDate;
private string uloginChangeDate;
private string uloginChangeBy;
private regitUserLogin[] uloginList;
private string strEncrKey = "m74r95c96=";
public string PassWordHash;

public int ID
{
get{return uloginID;}
set{uloginID = value;}
}
public string EmpNumber
{
get{return uloginEmpNumber;}
set{uloginEmpNumber = value;}
}
public string Password
{
get{return uloginPassword;}
set
{
uloginPassword = value;
uloginPassword = EncryptedPassword;
}
}
public string CreateDate
{
get{return uloginCreateDate;}
set{uloginCreateDate = Convert.ToString(value);}
}
public string ChangeDate
{
get{return uloginChangeDate;}
set{uloginChangeDate = Convert.ToString(value);}
}
public string ChangeBy
{
get{return uloginChangeBy;}
set{uloginChangeBy = value;}
}
public regitUserLogin[] LoginList
{
get{return uloginList;}
set{uloginList=value;}
}
private string EncryptedPassword
{

get{return Encrypt(strEncrKey, out uloginPassword);}
}

protected string Encrypt(string EncryptionKey,out string
uloginPassword)
{
byte[] byteKey = Encoding.UTF8.GetBytes(EncryptionKey);
string regitPWD = Password;
HMACSHA1 hmac = new HMACSHA1(byteKey);

byte[] bytePWD = Encoding.UTF8.GetBytes(regitPWD);
byte[] byteHash = hmac.ComputeHash(bytePWD);
uloginPassword = Convert.ToBase64String(byteHash);

return uloginPassword;
}

public bool regitAuthenticateLogin(string EmpNumber, string Password)
{
regitDatabase regitDB = new regitDatabase();
SqlParameter[] regitParams = new SqlParameter[2];
SqlDataReader regitDR = null;
try
{
string compareENum = "";
string compareEPwd = "";

regitParams[0] = regitDB.regitMakeParameter("@EmpNumber",
Convert.ToString(EmpNumber).Trim());
regitParams[1] = regitDB.regitMakeParameter("@EmpPassword",
Convert.ToString(Password).Trim());
regitDB.regitRunProcedure("regit_sp_Get_UserLogin_ Authentication",
regitParams, ref regitDR);

while(regitDR.Read())
{
compareENum = regitDR["emp_Number"].ToString();
compareEPwd = regitDR["emp_Password"].ToString();
}
regitDR.Close();
regitDB.regitConnectionClose();
regitDB.regitConnectionDispose();

if(compareENum==EmpNumber && compareEPwd==Password)
{
return true;
}
else
{
return false;
}
}
catch(Exception ex)
{
throw(ex);
return false;
}
finally
{
regitDR.Close();
regitDB.regitConnectionClose();
regitDB.regitConnectionDispose();
regitParams = null;
}
}
public bool regitCreateLogin(string EmpNumber, string Password)
{
regitDatabase regitDB = new regitDatabase();
SqlParameter[] regitParams = new SqlParameter[2];

try
{
regitParams[0] = regitDB.regitMakeParameter("@EmpNumber",
EmpNumber);
regitParams[1] = regitDB.regitMakeParameter("@EmpPassword",
Password);
regitDB.regitRunProcedure("regit_sp_Add_UserLogin" , regitParams);

return true;
}
catch(SqlException sqlex)
{
throw(sqlex);
}
catch
{return false;}
finally
{
regitParams = null;
regitDB.regitConnectionClose();
regitDB.regitConnectionDispose();
}
}
}
}

Oct 1 '06 #4

P: n/a
Sorry Dave,

Ok the question is, how do I go about setting a global isntance of the
a user class in which I can call anytime to retrieve the user that is
logged in into the application. I know this should be something I
should know, but I am used to VB, and learning C# by implementing it
into my own application, basically trying to learn it on my own.

Oct 1 '06 #5

P: n/a
Hi Matthew,

There are a few ways to accomplish your goal but I've included the simplest example I could think of here:

internal sealed class User
{
/// <summary>Gets the currently logged in <see cref="User" /or <c>null</c>.</summary>
public static User LoginUser { get { return loginUser; } } // note the "static" keyword

// instance properties (not "shared")
public string UserName { get { return userName; } }
public string Password { get { return password; } }

// private, "shared" reference to the currently logged in user
private static User loginUser; // note the "static" keyword

// private instance (not "shared") fields
private string userName, password;

// using a single, private constructor prevents instances of this class from being created externally (by other classes other
than User itself)
private User()
{
}

/// <summary>Logs in a <see cref="User" /with the specified <paramref name="userName" /and <paramref name="password"
/>.</summary>
/// <param name="userName">Name of the user to be logged in.</param>
/// <param name="password">Password of the user to be logged in.</param>
public static User Login(string userName, string password)
{
if (loginUser != null)
throw new InvalidOperationException("A user is already logged into the application: " + loginUser.UserName);

User user = new User();
user.userName = userName;
user.password = password;

// TODO: login user with supplied credentials

// store user in static field for "shared" access
loginUser = user;
return user;
}
}
The User class can be used as such:

// Login the user using the static Login method:
User user = User.Login("user name", "the password");

// Later, in code where you don't have that user variable (it is out of scope)
// the logged in User can be retrieve through the static LoginUser property:
User user = User.LoginUser;
string loginUserName = user.UserName;
(Please note that I didn't try to build this code. If you have any problems building it, or understanding it for that matter, then
just let me know and I'll try to help)

I used the static keyword on the loginUser field and the LoginUser property so that the logged in User can be referenced in code
without the need of a User instance. I believe VB used "Modules" for this type of functionality, however Modules have a global
visibility, IIRC. In C# you can only access the static members above by explicitly referencing the User class: User.Login("name",
"password") and User.LoginUser, as in my code sample.

(Note: I seem to remember that shared was a common VB term, so I laced the comments above with the term "shared" to make things
clearer to you, however I recommend that you get used to using the term "static" instead if you aren't already. ;)

Another common way to retrieve the login user is to create an IIdentity implementation (yes, with two I's) and add it to a new
GenericPrincipal instance when the user first logs in. Then, assign the principal to the current Thread via the static
Thread.CurrentPrincipal property. It can be retrieved at anytime by any code that executes on that Thread. (see the
System.Security.Principal namespace and the System.Threading namespace).

--
Dave Sexton

"Matthew" <ma******@yahoo.comwrote in message news:11**********************@b28g2000cwb.googlegr oups.com...
Sorry Dave,

Ok the question is, how do I go about setting a global isntance of the
a user class in which I can call anytime to retrieve the user that is
logged in into the application. I know this should be something I
should know, but I am used to VB, and learning C# by implementing it
into my own application, basically trying to learn it on my own.

Oct 1 '06 #6

P: n/a
Thanks Dave,

I am going to implement that into the code and build it and see if it
works to what I need. You know what you are talking about so thank you
very much in advanced.

I will let you know how it turns out.

Matthew

Oct 1 '06 #7

P: n/a
Thanks Dave,

I am going to implement that into the code and build it and see if it
works to what I need. You know what you are talking about so thank you
very much in advanced.

I will let you know how it turns out.

Matthew

Oct 1 '06 #8

P: n/a
Thanks Dave,

I am going to implement that into the code and build it and see if it
works to what I need. You know what you are talking about so thank you
very much in advanced.

I will let you know how it turns out.

Matthew

Oct 1 '06 #9

P: n/a
Dave,

where do I place the internal sealed class User. I tried to place it
into its own class file but I can not access it dues to the privileges
and protection level.

Oct 1 '06 #10

P: n/a
Hi Matthew,

You can change internal to public if you'd like. I try to mark all classes that will not be used externally as internal and I just
assumed that your login code would be internal to the assembly in which it was coded. Of course, if you are declaring the class in
a class library and referencing it in from within a different project then it will have to be public, not internal.

--
Dave Sexton

"Matthew" <ma******@yahoo.comwrote in message news:11**********************@h48g2000cwc.googlegr oups.com...
Dave,

where do I place the internal sealed class User. I tried to place it
into its own class file but I can not access it dues to the privileges
and protection level.

Oct 1 '06 #11

P: n/a
Thanks Dave once again.

Oct 1 '06 #12

This discussion thread is closed

Replies have been disabled for this discussion.