Allow Only Active Users to Login
If you have an Active / Inactive flag in your application’s user table and you would like only active users to login, you can accomplish this in multiple ways using Iron Speed Designer.
- Mahalakshmi Ramachandran, Software Engineer, Iron Speed, Inc.

April 5, 2006
Iron Speed Designer V3.2

Procedure
If you have an Active / Inactive flag in your application’s user table and would like only active users to login, you can accomplish this in multiple ways using Iron Speed Designer.

Use a Database View

The simplest way is to create a database view in your database that only contains the Active users and excludes Inactive users. Then you can use this database view as the User "table" in the Role Based Security Wizard.

Use a Code Customization

Add a code customization to the SignIn_Control.ascx.vb or .cs file that overrides the Login method. The Login method is defined in BaseSignIn_Control.vb or .cs. Your code customization would look something like:

C#:

protected override void Login(bool redirectOnSuccess)
 
{
 
    string strUserName = this.UserName.Text;
    string strPassword = this.Password.Text;
 
    // Check if user has entered the user name and password.
    if (((strUserName != "") && (strPassword != "")))
    {
        // Construct a WHERE clause to retrieve the record that
        // matches the specified username
        string colName = UsersTable.Instance.UserNameColumn.UniqueName;
        string whereStr = colName + "= '" + strUserName + "'";
        UsersRecord rec = UsersTable.GetRecord(whereStr);
 
        // Check if this is a valid user and is active
        if (((rec == null) || (!rec.Active)))
        {
            // Display an error message and return
            ProcessLoginFailed("Invalid login
            information.Please enter a valid user name.", strUserName);
            return;
        }
    // Otherwise, fall through to call the Base Class's Login function.
    }
    base.Login(redirectOnSuccess);
}

Visual Basic .NET:

Protected Overrides Sub Login(ByVal redirectOnSuccess As Boolean)
    Dim strUserName As String = Me.UserName.Text
    Dim strPassword As String = Me.Password.Text
 
    'Check if user has entered the user name and password.
    If (strUserName <> "" AndAlso strPassword <> "") Then
 
            ' Construct a WHERE clause to retrieve the record that
            ' matches the specified username
            Dim columnName As String =
            UsersTable.Instance.UserNameColumn.UniqueName
            Dim whereStr As String = columnName & "= '" & strUserName & "'"
            Dim rec As UsersRecord = UsersTable.GetRecord(whereStr)
 
            ' Check to see if this is a valid user and is active
            If ((IsNothing(rec)) OrElse Not(rec.Active)) Then
                ' Display an error message and return
                ProcessLoginFailed(ERR_INVALID_LOGIN_INFO,
                strUserName)
                Return
            End If
            ' Otherwise fall through to call the base class's Login
            ' function.
    End If
    MyBase.Login(redirectOnSuccess)
 End Sub

In your custom logic, you can read a record from the User Table using the User Name as the key.

About the Author
Mahalakshmi Ramachandran
Software Engineer, Iron Speed, Inc.

Maha has experience developing Web Applications using the .NET technology and has been with Iron Speed since 2005.

Maha holds an M.S. degree in Computer Engineering from San Jose State University and a B.E. degree in Computer Science and Engineering from India.



       Copyright © 2005-2008, Iron Speed, Inc. Iron Speed® is a registered trademark. All rights reserved. Privacy Statement