Authenticate users

To authenticate a user you must perform the following:

Acquire the username and the password.
Make the user input his username and password.
Authenticate the user.
To authenticate the user, call the AuthenticateUserstatic method of the SecurityManagerand pass the required arguments. The method returns a enumeration value of type UserLoggingReason. The enumeration has the following values:
- Success
  The user is successfully authenticated.
- UserLimitReached
  The limit of maximum simultaneous logged in users is reached.
- UserNotFound
  User cannot be found in any provider.
- UserLoggedFromDifferentIp
  User is already logged in from different IP address.
- SessionExpired
  Indicates that the user’s session has expired.
- UserLoggedOff
  The user have the authentication cookie, but is not logged in the database or is already logged out.
- UserLoggedFromDifferentComputer
  More than one user are trying to login from the same IP but from different computers.
- Unknown
  The username or the password is invalid.
- NeedAdminRights
  The user is not administrator to logout other users.
- UserAlreadyLoggedIn
  User already is logged in. You need to ask the user to logout someone or himself.
- UserRevoked
  User was revoked. The reason is that the user was deleted or user rights and role membership was changed.
The AuthenticateUsermethod accepts the following parameters:
- membershipProviderName
  Represents the name of the membership provider for the user. To specify the default provider pass null.
- username
  Represents the username of the user.
- password
  Represents the password of the user.
- persistent
  Specify whether the user to be remembered on this computer.
  
  NOTE: You can wrap these parameters inside an instance of the Credentialsclass.

Here is a code example:

using System.Web;
using Telerik.Sitefinity.Configuration;
using Telerik.Sitefinity.Security;
using Telerik.Sitefinity.Security.Claims;
using Telerik.Sitefinity.Security.Configuration;
using Telerik.Sitefinity.Services;
using Telerik.Sitefinity.Security.Model;

namespace Telerik.Sitefinity.Documentation.CodeSnippets.DeepDive.Security.Users
{
    public partial class ManagingUsersSnippets
    {
        public static void AuthenticateUser(string username, string password, string provider, bool isPersistent, string successRedirectUrl, string errorRedirectUrl)
        {
            {
                User user;
                UserLoggingReason result = SecurityManager.AuthenticateUser(
                    provider,
                    username,
                    password,
                    isPersistent,
                    out user);

                if (result != UserLoggingReason.Success)
                {
                    SystemManager.CurrentHttpContext.Response.Redirect(errorRedirectUrl, false);
                }
                else
                {
                    SystemManager.CurrentHttpContext.Response.Redirect(successRedirectUrl, false);
                }
            }
        }
    }
}

Want to learn more?

Enhance your Sitefinity skills by enrolling in free training sessions. Become Sitefinity certified through Progress Education Community to strengthen your professional credentials.

Get started with Integration Hub | Sitefinity Cloud

This free lesson teaches administrators, marketers, and other business professionals how to use Sitefinity Integration Hub to create automated workflows between Sitefinity and other business systems.

Web Security for Sitefinity Administrators

This free lesson teaches administrators the basics about protecting your Sitefinity instance and your sites from external threats. Configure HTTPS, SSL, allow lists for trusted sites, and cookie security, among others.

Foundations of Sitefinity ASP.NET Core Development

The free on-demand video course teaches developers how to use Sitefinity ASP.NET Core and take advantage of its decoupled architecture and modern development model.