Thread: How can I require login to view page?

Hi,

I am using MS 9.1

I was wondering how I can set a page to require a user to be logged in before allowing it to be displayed?

For example, I know you can password protect topics but in that case all the users need to know the one password that you enter in the admin to be able to view the topic. Is there a way to password protect the topic (or a static page) so that it is displayed if the user is logged in but asks them sign in if they are not?

*Edit*

Similar to how the wishlist, shopping cart, and account page only display if the user is logged in

*/Edit*

Thanks in advance for the help.

There are several methods built into the app that can help with that depending on how exactly you want it to work. I would check out how we do that on one of the built-in pages that does it already, like account.aspx(.cs). Pay attention to RequireSecurePage, RequiresLogin, ThisCustomer.RequireCustomerRecord, etc.

Hi Scott-

Thanks for the reply.

Is there a way to check if user is logged in from within an xml.config template file?

For example I want to be able to restrict only a portion of a page and accomplish something like so:

Code:

<% if UserLoggedIn(){ %>

     <div>     
          ...display data...
     </div>

<% } else { %>

     <div>
          Please login to view this section
     </div>

<% } %>

Thanks again for the help

Yes, this is possible from an xml.config template file (xml package), and would work as follows:

Code:

<xsl:choose>
  <!--if user is logged in-->
  <xsl:when test="/root/System/CustomerIsRegistered='true'">
     <!--display content-->
   </xsl:when>
   <!--if user is not logged in-->
   <xsl:otherwise>
     Please log in to view this section.
   </xsl:otherwise>
</xsl:choose>

As a side note, try setting debug to true within your xml package, and then loading up your xml package in a browser. You will notice (usually towards the bottom of the page) a section with a runtime xml dump. This can be helpful in debugging, and learning what values are being pulled in.

Let me know if you have any other questions.

Hi Robb-

Thank you again for the solution, it works great! :

On a slightly related note, when a user logs in they are diverted to the homepage. How can I change it so that they are returned to the page they were on before going to the login page?

Thanks!

No problem

To have the user return to a given page - after signing in - you will have to pass in the "ReturnURL" query string parameter.

For example, the following link would redirect someone to the account page after signing in.

http://www.mydomain.com/signin.aspx?...l=account.aspx

Ah! I didn't know the ReturnURL QueryString Existed

Since my site uses ASP Literals, I was able to pass the current page to signing.aspx like so:

Code:

<span class="arial_12px_gray" id="userName">
   <asp:Literal ID="ltrUserName" runat="server" Text='<%$ Tokens:UserName %>' /></span>
<span id="loginText">
   <a style="font-size:10px" href='<asp:Literal ID="Literal1" runat="server" Text="<%$ Tokens:SignInOut_Link %>" />?ReturnURL=<%= Request.CurrentExecutionFilePath.ToString().Substring(5,Request.CurrentExecutionFilePath.ToString().Substring(5).Length)'>
      <asp:Literal ID="ltrSignInOutText" runat="server" Text='<%$ Tokens:SignInOut_Text %>' />
   </a>
</span>

So the code I posted in my previous post for ReturnURL was working great until I started creating kit products.

Normally, if a user clicks on the login link from a product page which is not a kit the code takes the user to the login page with the correct URL:

Code:

signin.aspx?ReturnURL=p-18-product-name.aspx

However, if a user clicks on the login link from a kit product the user is redirected to the login page with the incorrect value:

Code:

signin.aspx?ReturnURL=kitproduct.aspx

so obviously when the user logs in they are given a product not found message.

The kit product pages are correctly displaying the p-#-product-name.aspx in the address bar but for some reason the Request.CurrentExecutionFilePath function is returning kitproduct.aspx.

I'm guessing it might have something to do with the redirect from showproduct.aspx when the product is a kit.

Any suggestions on how I can fix this?

I actually found a fix.

I simply replaced the following segment of code:

Code:

Request.CurrentExecutionFilePath.ToString().Substring(5,Request.CurrentExecutionFilePath.ToString().Substring(5).Length)

with the following:

Code:

Request.FilePath.ToString().Substring(5,Request.FilePath.ToString().Substring(5).Length)

The Request.FilePath returns the correct filename.