Posted by: dummy - Thursday, 19 November 2009 21:39:01
I’m attempting to validate a forum log in from the main page on my site.
In the web.config for both the Forum and my application I set up the with a validationKey, decryptionKey, validation=”SHA1”, and decryption=”AES”. validationKey and decryptionKey were randomly generated through a public site.
I’m using this code to log in:
[code]string sPassword = FormsAuthentication.HashPasswordForStoringInConfigFile(Login.Password, "sha1");
Object YafUserID = YAF.Classes.Data.DB.user_login(1, Login.UserName, sPassword);
if (YafUserID != DBNull.Value) { } [/code]
My YafUserID is consistently coming back as “null” and I’m struggling to debug the issue.
Is there a way to determine if I have all of the necessary password information set up correct?
I know the yaf_user_login stored procedure is getting called but the results are NULL.
The other oddity that I see, the password in the yaf_user table is stored as “-“ and if I create a query with a dash as the password parameter, the stored procedure is successful in returning the userID.
Any idea as to what I’m doing wrong or suggestions as to how I could locate the issue?
Thanks.
Posted by: Elvan - Thursday, 14 January 2010 15:40:09
Hello,
I have the same issue. Trying to integrate forum as recommended in http://wiki.yetanotherforum.net/AspNetMembershipIntegration.ashx I see that in stored procedure "user_save":
insert into [{databaseOwner}].[{objectQualifier}User](BoardID,RankID,Name,Password,Email,Joined,LastVisit,NumPosts,TimeZone,Flags,PMNotification,ProviderUserKey)
values(@BoardID,@RankID,@UserName,'-',@Email,getdate(),getdate(),0,@TimeZone,@Flags,@PMNotification,@ProviderUserKey)
password hardcoded as '-' so in table User we have always '-' for password.
But in "user_login" stored procedure (that called by recommended function user_login) we check if there is a user with entered username and a password:
select UserID from [{databaseOwner}].[{objectQualifier}User] where Name=@Name and Password=@Password and BoardID=@BoardID and (Flags & 2)=2
and of course there is no such a user because password is always '-'.
So could you tell please is this a bug or method in recommended yaf integration procedure is not full?
Thank you.
Posted by: FiniteIntellect - Thursday, 6 May 2010 18:45:22
Anyone have an answer to this? I am having the same problem
Posted by: ddavis - Saturday, 8 May 2010 13:43:14
I'm almost there, just working it out myself...
So far i've got the following (which does authenticate, but isn't storing the cookie)..
ForumPage currentPage = new ForumPage();
YafContext PageContext = currentPage.PageContext;
bool booResult = PageContext.CurrentMembership.ValidateUser(txtUserName.Text.Trim(), txtPassword.Text.Trim());
If booResult == true then you authenticated.
[quote=ddavis]Ok, this works.
[code]
protected void btnDoLogin_Click(object sender, EventArgs e)
{
ForumPage currentPage = new ForumPage();
YafContext PageContext = currentPage.PageContext;
bool booResult = PageContext.CurrentMembership.ValidateUser(txtUserName.Text.Trim(), txtPassword.Text.Trim());
FormsAuthentication.SetAuthCookie("2;1;Administrator", true);
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, txtUserName.Text, DateTime.Now, DateTime.Now.AddMinutes(30), false, "", "/");
string strEncTicket = FormsAuthentication.Encrypt(ticket);
HttpCookie authCookie = new HttpCookie(".YAFNET_Authentication", strEncTicket);
authCookie.Path = "/";
HttpContext.Current.Response.Cookies.Add(authCookie);
}
[/code]
Hope it helps.[/quote]
It's really nice. Thanks for your code.
Posted by: Palos - Tuesday, 17 August 2010 00:53:04
Greetings everyone.. sorry to ask you this.. noob question.. cause the real thing is i'm just new in asp.net.. and i'm just wondering.. where do i put that log in code provided by ddavis?
The reason why i asked.. is that i made yaf forum as my subfolder in my project.. and i still have 3 other folders other than that.. named Students, Teacher and Administrator.. all i want to achieve is.. to validate my users using the yaf login having the
Student role = Student Folder Access and Yaf forum Registered role only
Admin role = Admin Folder Access and yaf forum Admin role only
Teacher role = Teacher Folder Access and yaf forum Moderator only
i hope someone could help me achieve this kind of thing.. Any advice and suggestion will be highly sought
Have a great day:-d