ASP.NET Login page using Cookies

Cookies are data used by websites to store user specific data. It contains information regarding users which web application can read whenever the user visits a web page. You can take an example of login into a social site like facebook.com, wherein if you logged in successfully you don’t have to again login until you delete the cookies manually like wiping history. Cookies are supported by most browser today and are used by nearly across all websites.

ASP.NET Login page using Cookies. In this post we will be making a simple web page in asp.net wherein we will login into our website using cookies.

Make a new page in your asp.net website project with name FrmLogin.aspx and edit it as below :

FrmLogin.aspx:

<%@ Page Language="C#" AutoEventWireup="true" CodeFile="FrmLogin.aspx.cs" Inherits="FrmLogin" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
 <title>Login Page</title>
</head>
<body>
 <form id="form1" runat="server" style="padding: 5px; font-family: Arial; color: #1c1c1c;">
 <div>
 <h2>
 Enter your credentials</h2>
 <hr />
 Username : &nbsp;&nbsp;
 <asp:TextBox runat="server" ID="txtusername" />
 <br />
 <br />
 Password : &nbsp;&nbsp;&nbsp;
 <asp:TextBox runat="server" ID="txtpassword" TextMode="Password" />
 <br />
 <asp:Button runat="server" Text="Login" ID="btnLogin" OnClick="btnLogin_Click" />&nbsp;&nbsp;
 <asp:Button runat="server" Text="Clear" ID="btnClear" OnClick="btnClear_Click" />
 <br />
 <br />
 <asp:Label runat="server" ID="lblMessage" />
 </div>
 </form>
</body>
</html>

ASP.NET Login page using Cookies 1
ASP.NET Login page using Cookies – FrmLogin.aspx

This webpage contains two asp.net text boxes, one for username and other one for entering password. Two asp.net buttons, one for making a login and other one for clearing the texts in the text boxes. And a  asp.net label, for showing error messages if unsuccessful login. Now edit it’s code (.aspx.cs) file as below.

FrmLogin.aspx.cs:

using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Data.SqlClient;

public partial class FrmLogin : System.Web.UI.Page
{
 protected void Page_Load(object sender, EventArgs e)
 {

 }
 protected void btnLogin_Click(object sender, EventArgs e)
 {
 SqlConnection con = new SqlConnection("Data Source=hitesh\\sqlexpress;Initial Catalog=parallel;User ID=hitesh;Password=789;");
 con.Open();
 SqlCommand cmd = new SqlCommand("Select * from tblUsers where Username=@Username and Password=@Password", con);
 cmd.Parameters.AddWithValue("@Username", txtusername.Text.ToString());
 cmd.Parameters.AddWithValue("@Password", txtpassword.Text.ToString());
 SqlDataReader reader = cmd.ExecuteReader();
 if (reader.Read())
 {
 HttpCookie cookieName = new HttpCookie("Name", reader["Name"].ToString());
 HttpCookie cookieId = new HttpCookie("Id", reader["userid"].ToString());
 HttpCookie cookieRole = new HttpCookie("Role", reader["Role"].ToString());
 cookieName.Expires = DateTime.Now.AddSeconds(60);
 cookieId.Expires = DateTime.Now.AddSeconds(60);
 cookieRole.Expires = DateTime.Now.AddSeconds(60);
 reader.Close();
 cmd.Dispose();
 con.Close();
 Response.SetCookie(cookieName);
 Response.SetCookie(cookieId);
 Response.SetCookie(cookieRole);
 Response.Redirect("index.aspx");
 }
 else
 {
 reader.Close();
 cmd.Dispose();
 con.Close();
 lblMessage.Text = "Invalid credentials";
 }
 }
 protected void btnClear_Click(object sender, EventArgs e)
 {
 txtpassword.Text = "";
 txtusername.Text = "";
 }
}

Make another page with name Index.aspx and edit it as following :

Index.aspx:

<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Index.aspx.cs" Inherits="Index" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
 <title>Homepage</title>
</head>
<body>
 <form id="form1" runat="server" style="padding: 5px; font-family: Arial; font-weight: bold;">
 <div>
 <asp:Label runat="server" ID="lbluserInfo"></asp:Label>
 <br />
 <br />
 <asp:Button ID="btnLogout" runat="server" BackColor="White" BorderStyle="None"
 Font-Bold="true" Text="Logout" Font-Size="16px" ForeColor="Red" OnClick="btnLogout_Click" />
 </div>
 </form>
</body>
</html>
ASP.NET Login page using Cookies 02
ASP.NET Login page using Cookies – Index.aspx design

This page will be shown on successful login process authorization and it will contain one asp.net label and a button to logout basically clearing the cookies.

And edit its code file as below :

Index.aspx.cs :

using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Drawing;

public partial class Index : System.Web.UI.Page
{
 protected void Page_Load(object sender, EventArgs e)
 {
 if (Request.Cookies["Id"] == null)
 {
 Response.Redirect("FrmLogin.aspx");
 }
 else
 {
 String userid = Request.Cookies["Id"].Value.ToString();
 String username = Request.Cookies["Name"].Value.ToString();
 String userrole = Request.Cookies["Role"].Value.ToString();

 lbluserInfo.Text = "Welcome, " + username + ". Your userid is " + userid + " and your role is " + userrole + ".";
 }

 /***
 * if (Session["Name"] == null)
 Response.Redirect("FrmLogin.aspx");
 else
 {
 String userid = Convert.ToString((int)Session["userid"]);
 String username = Session["Name"].ToString();
 String userrole = Session["Role"].ToString();
 
 lbluserInfo.Text = "Welcome, " + username + ". Your userid is " + userid + " and your role is " + userrole + ".";
 }
 */
 }
 protected void btnLogout_Click(object sender, EventArgs e)
 {

 Response.Redirect("FrmLogin.aspx");
 }
}

Now run the project by setting the frmLogin.aspx page as the start page of our asp.net website.