Programmers look at Taobao, how to save user status with Session_ASP Tutorial

Recommended: Seven major authentication methods and solutions for ASP.NET
In B/S system development, authentication is often required. Because web applications are very special and different from traditional C/S programs, by default (no authentication methods and permission control methods are used), when your program is exposed on the Internet/LAN, anyone can access you It is difficult to ensure application security in web applications. To put it simply:

Online shopping has become an indispensable part of life now. We went to Taobao just to consume. Today we changed our perspective and looked at Taobao from a programmer's perspective.

As shown in the picture above:

Situation 1: When you open some web pages related to your account and detect that the user is not logged in, the system will automatically jump to the login interface.

Situation 2: When a user has been logged in, the page will automatically jump to the destination page.

Question: How does the system detect whether the user is logged in and how to save the user's login status?

Let’s talk about your understanding: use Session to save user status.

Solution 1: Each user has a Session object corresponding to. When the user wants to jump to any account-related interface (the purchased treasure page), each page must be loaded to determine the Session object saved. User status.

1. Login interface code:

1. publicpartialclassLogin:System.Web.UI.Page
2. {
3. protectedvoidPage_Load(objectsender,EventArgse)
4. {
5. }
6. protectedvoidLogin1_Authenticate(objectsender,AuthenticateEventArgse)
7. {
8. Session[UserFlag]=false;//First set the session value UserFlage to indicate whether the user is logged in
9. if(UserVolidate(Login1.UserName,Login1.Password)==true)//Call the custom method to verify that the user is logged in successfully
10. {
11. Session[UserFlag]=true;//Login successfully
12. e.Authenticated=true;
13. Response.Redirect(Main.aspx);//Jump the main interface
14. }
15. else{
16. Response.Write(not logged in);// Otherwise, it is not logged in
17. }
18. }
19. ///<summary>
20. ///User login verification
21. ///</summary>
22. ///<paramname=userName>username</param>
23. ///<paramname=userPassword>User Password</param>
24. ///<returns>bool</returns>
25. privateboolUserVolidate(StringuserName,StringuserPassword)
26. {
27. //Connect the database
28. SqlConnectioncon=newSqlConnection(server=.;database=User;uid=sa;pwd=123456;);
29. con.Open();
30. SqlCommandcmd=newSqlCommand(select*fromUserInfowhereUserName=+userName+andPassword=+userPassword);
31. intnum=cmd.ExecuteNonQuery();
32. if(num>0)
33. {
34. returntrue;
35. }
36. else
37. {
38. returnfalse;
39. }
40. }
42. }

Share: 8 Ways to Improve the Performance of ASP.NET Web API
The ASP.NET Web API is a great technology. Writing a Web API is so easy that many developers don't spend time on application structure design to get good execution performance. In this article, I will introduce 8 techniques to improve the performance of ASP.NET Web API. 1) Serialization of JSON using the fastest JSON serialization tool to the entire ASP.NET Web API