I am trying to findout the user's first time login using asp.net membership (mysql) and depending on that I'm displaying some agreements page.
The procedure I follow is:
When a user registers a mail will be sent which is for confirming the email Id.
until this point the user is not authenticated.
After clicking the link provided in email Id, the user's authentication is done by user id present in query string.
Now the user needs to login by credentials. At this point user gets authenticated and I want to show him a legal agreements page with a check box in it.
Solution I tried:
I supposed the last login time will be 0/0/0000 00:00:00 AM but in vain.
It would be great if anyone could suggest me a solution for this.
I also encountered the same problem. the only solution that struck my mind was to check whether LastLoginDate = CreateDate or not. If this criteria is true it means that the user is trying to log in for the first time.
But be careful that you must check it before log-in procedure. (but I should say the I use Ms Sql)
You can also check the number of users haven't logged-in yet.
select LastLoginDate from aspnet_Membership where LastLoginDate = CreateDate order by LastLoginDate ASC
Related
Notifications within laravel website
I'am beginner of laravel framework. So there is no one experienced laravel developers in my town. There are nobody with whom I could discuss or speak about my laravel project. It's my first laravel project. The problem is I don't know, is everything in right way what I am doing? For example, thare are 2 types of users. 1 administrator, others are ordinary users. I would like to make notifications between administrator and ordinary users within website. If administrator sends message or something, it should send to chosen user.
Now I am writing notification database. And I have notification table, there are message, user_id(to whom I send this notification) in column name data. My questions
Is it right way of making notifications within website between administrator and ordinary users? I have just show this notification by selecting user_id from column name data and show this notification in User's profile(to whom sent by administator)?
Is it possible to send notifications with question like "Are you ready? Yes No" with clickable buttons Yes No. As I understand I have to create new table with columns message, user_id, status "Yes" or "No", so when user click yes button it will change the status of this message. Is it right way what I have wrote? Can you write me your ideas or logic of realizing this things. I will be grateful to You.
I created a ReactJS web app with a “user profile” page where the logged user can save: name, surname, email and address. For the moment, every time I log-in and save the data a new object is created.
I would like each logged user to be linked to a single ID, namely Auth0 one, so that I can always retrieve and update the row of the right user in my MySQL database.
I tried to look for other similar questions and to see the documentation, but it's my first time with authentication and I haven't found anything specific about Auth0,so I apologize if it’s a trivial question or asked several times .
When retrieving comments made on a Box file, the comments may have been made by a user other than the current user.
The comment object contains the user name and id, but not the avatarUrl.
Making a call to users/me works for the current user.
I tried users/userId for another user (the one who made the comment), and it does not seem to work.
Is there another entry point to do this ?
Nope - you can only access the authenticated user's information.
If they opened the API call to any user, then a malicious attacker could download all of box's user information. I realize this is not your intent - this is just Box trying to protect itself.
I have a requirement to generate an email to administrator whenever a user sign up. Administrator will approve the registration by clicking on a link provided in email and database should get updated, without admin to login to administrator console.
I am looking for best practice to code this scenario with keeping application security intact. I can generate email with dynamic rendom value attached to the link(provided in email) URL, but i am not sure how to keep a track of this on application side?
Any thoughts?
You could generate a random validation number when the user signs up, and store it in the database with the user record. Then generate an email with a link such as
http://foo.bar.com/approveUser.action?userId=<theUserId>&validationToken=<theRandomNumber>
When the approveUser action is invoked, check if the validation token stored in the database for the given user ID matches with the token sent as parameter, and if so, approve the user.
I am trying to implement a simple login system with facebook, but I need users to pick a username. What I was thinking was to get all the information I need from facebook, request permissions, then add the information to the database, redirect to a form asking for a username and then add that to the database, to the same entry.
I think a transaction is needed so I don't end up with any half completed database entries. But I've only ever used them on the same page, so I'm wondering if this is safe? If it fails then there is no point where I would be telling the database to roll back the changes and it would be with a transaction open.
Is this right or will it be ok?
I think you made it more complicated than it should be :)
No need to enter facebook id into database before username as you can always grab it later.
Forward user to login screen (or better just open login popup using javascript FB API)
Once user is logged in forward them to username picking page (or better do javascript popup without page redirect)
When user is entered username request the current user id from facebook on server side (by either using graph api or fql) and then if everything is ok enter this record to database.