In languages like PHP, or Ruby, you can spend a lot of time writing a really effective and useful membership system. It can takes days - even weeks sometimes. Not in ASP.NET 2.0 and 3.5 though. Click "more" to find out more about .NET and why developing a user system is a very quick and painless task.

A little bit about ASP.NET before we start

Microsoft's .NET development platform is a multi-lingual development platform, similar to Rails of Ruby On Rails (RoR) fame, supporting languages such as VB(Visual Basic) and C#. Being multi-lingual means you can write in any of the supported languages whilst keeping the same functionality of the platform; meaning all the languages can make the same calls to the massive class library provided.

On top of the .NET platform, a web development platform has been built; called ASP.NET. ASP stands for Active Server Pages which comes from Microsoft's previous web development language (note: not a language, but a platform) named ASP, also.  This newer, and more powerful, tool is not a language in its self (a very important fact to learn when attempting to learn to use ASP.NET) but is, rather, a multi-lingual development platform, just like its .NET parent, which supports all the same languages as .NET. You can find much, much more information about ASP.NET, than I can give you here, at the ASP.NET home page. The only problem with ASP.NET is it doesn't run on Apache (by default). Windows only; and Windows hosting is expensive.

Now on to what you're here for!

As I was saying - making a user system in ASP.NET doesn't take long; no where near as long as languages like PHP and Ruby. In fact, it takes no time at all. One of the most unique features of ASP.NET is its membership and roles provider. This system is a full user system including profiles and per-user settings. When .you install .NET on your machine it comes with a tool called "aspnet_regsql" which, when provided with the correct connection details, connects to a local, or remote, database and sets up the tables needed for the membership and roles providers. This tool makes getting setup much quicker.

To accompany the easy-to-install system is a full compliment of web controls. A web control, in ASP.NET, is like a simple module. A block of code which can be dropped on the page (quite literally using Visual Web Developer or Visual Studio) and will function in a predetermined manner. This library of membership-orientated controls includes login, create new user wizard, login status and login view to mention a few. These little blocks are totally customisable to fit any site. By "totally customisable" I mean you have complete access to the (X)HTML and CSS styling of it so you can make it look how ever you like.

Possibly my favourite thing about this, apart from the gloriously easy to use web controls, is the complete lack of need for hand-written code. Once the membership provider is setup - which can, for newcomers to the platform, be a little tricky I'm afraid to say - all I need to do to register a new user is drop a "create new user wizard" control on to the page, change one or two properties (like "Destination URL" for after a user has clicked finish and they have been registered) using Visual Web Developer or Visual Studio, fill in the details on the page and click register. It's really that easy. Logging in is just as easy - and exactly the same to do. Drop a login control onto the page, change a couple of properties and then login. No code needed at all.

Let's talk about roles a little bit. A good example of roles is on forums. You get roles like moderator and admin which each have their own unique access permissions; for example a moderator can't access the admin panel, but an admin can. Roles in ASP.NET are exactly the same. Using the ASP.NET Website Configuration Tool (I won't try to explain that today; it's best left for another day and another article) you can add new roles at the click of a button. You can then add put users into these roles just as simply.

If you're thinking you have to put each user into a role by hand when they register - you're wrong. Assigning users to a role on registration is one of the only times when you need any code in the user system. Even then it's basically the same code every time - save for a changed word or two. I'll give it to you now, in VB. The middle line will work in C# too.

Protected Sub CreateUserWizardName_CreatedUser(ByVal sender As Object, ByVal e As System.EventArgs) Handles CreateUserWizardName.CreatedUser
    Roles.AddUserToRole(CreateUserWizardName.UserName.ToString, "Role Name")
End Sub

To use that code, all you have to do is copy and paste that code, then replace the bits in red which the named parts. CreateUserWizardName being the ID you gave to the Create New User Wizard control and Role Name being .. well .. the name of the role you want to add the user to.

Having users in roles means you can easily check to see their permission with a basic "If user is in role X - allow viewing. Else redirect to another page" statement.

I hope today's fairly long article has taught you something you didn't know. Browse around Daily Tip for more great articles and tips.