Home   Preview the Book   Chapter 15, TOC   Part 25

  Previous: Getting the User Name from an Identity Object
  Next: Reading Database Information Efficiently

Storing Visitor Information in Persistent Cookies

The CVisitor class contains information about a visitor to VB Snippets. Whenever a page instantiates the class, the class constructor checks to see whether the visitor has already been authenticated. Because the Login method creates a persistent authentication cookie, a visitor may already be logged in whenever he or she enters the Web site.

If the class constructor determines that the visitor is already authenticated, the code looks for an additional persistent cookie, VbCodeDb, that contains more information about the visitor. The VbCodeDb cookie contains the email address of the visitor, which acts as a key to the visitor’s information stored in the VbUser database. It also tracks the date of the visitor’s last use of VB Snippets. The code updates this date information at most once per day. VB Snippets uses the LastVisit property to determine which code snippets have been added since the last visit (and thus should be marked with the word new). The constructor initializes the readonly Email, Username, and LastVisit properties with values from the persistent cookies.

The VbUser database contains information about the visitor’s keyword preferences. The CVisitor class constructor accesses these preferences via the CVbUser class and initializes the CVisitor.Keywords property accordingly. Listing 15-11 contains the code for the CVisitor class.

Listing 15-11. The CVisitor Class

Option Strict On
Imports System.Web.Security

Public Class CVisitor
    Private _Page As Page
    Private _dtmLastVisit As Date = #12/31/9999#
    Private _sEmail As String = String.Empty
    Private _sUsername As String = String.Empty
    Private _sKeywords As String = String.Empty

    Sub New(ByVal Page As Page)
        _Page = Page
        If _Page.User.Identity.IsAuthenticated Then
            Dim oCookieIn As HttpCookie = _Page.Request.Cookies("VbCodeDb")
            If Not oCookieIn Is Nothing Then
                _sEmail = oCookieIn.Values("Email")
                _dtmLastVisit = CDate(oCookieIn.Values("LastVisit"))

                'If new visit date, update cookie
                If oCookieIn.Values("CurrentVisit") _
                    <> Today.ToShortDateString Then
                    Dim oCookieOut As HttpCookie _
                        = _Page.Response.Cookies("VbCodeDb")
                    If Not oCookieOut Is Nothing Then
                        oCookieOut.Expires = Today.AddYears(1)
                        oCookieOut.Values("Email") = oCookieIn.Values("Email")
                        oCookieOut.Values("CurrentVisit") _
                            = Today.ToShortDateString
                        oCookieOut.Values("LastVisit") _
                            = oCookieIn.Values("CurrentVisit")
                        _dtmLastVisit = CDate(oCookieOut.Values("LastVisit"))
                    End If
                End If

                'Get preference info from database
                Dim oVbUser As CVbUser = Me.VisitorRow
                _sKeywords = oVbUser.Keywords
                oVbUser.Dispose()
            Else
                Throw New Exception("Chapter_15-CVisitor: " _
                    & "Missing VbCodeDb Cookie")
            End If
        End If
    End Sub

    ReadOnly Property Email() As String
    Get
        Return _sEmail
    End Get
    End Property

    ReadOnly Property Username() As String
    Get
        Return _sUsername
    End Get
    End Property

    ReadOnly Property LastVisit() As Date
    Get
        Return _dtmLastVisit
    End Get
    End Property

    Property Keywords() As String
    Get
        Return _sKeywords
    End Get
    Set(ByVal Value As String)
        _sKeywords = Value
        Dim oVbUser As CVbUser = Me.VisitorRow
        oVbUser.Keywords = _sKeywords
        oVbUser.Update()
        oVbUser.Dispose()
    End Set
    End Property

    Function LogIn(ByVal Email As String, _
    ByVal Password As String) As Boolean
        Dim oVbUser As New CVbUser()
        Dim EmailFound As Boolean = oVbUser.Find(Email)
        If EmailFound AndAlso oVbUser.Password = Password Then
            'Visitor is registered, get info
            _dtmLastVisit = oVbUser.LastVisit
            _sUsername = oVbUser.Username
            _sKeywords = oVbUser.Keywords
            oVbUser.Dispose()

            'Prepare persistent cookie
            Dim oCookie As HttpCookie = New HttpCookie("VbCodeDb")
            oCookie.Expires = DateTime.MaxValue
            oCookie.Values("Email") = Email
            oCookie.Values("LastVisit") = _dtmLastVisit.ToShortDateString
            oCookie.Values("CurrentVisit") = Today.ToShortDateString

            'Add cookies to response
            _Page.Response.Cookies.Add(oCookie)
            FormsAuthentication.SetAuthCookie(_sUsername, True)
            Return True
        Else
            'Couldn't find email-password combination
            Return False
        End If
    End Function

    Sub LogOut()
        'Update database with last visit date
        Dim oVbUser As CVbUser = Me.VisitorRow
        oVbUser.LastVisit = Today
        oVbUser.Update()
        oVbUser.Dispose()

        'Remove persistent cookies
        _Page.Request.Cookies.Remove("VbCodeDb")
        FormsAuthentication.SignOut()
        _sUsername = String.Empty
        _dtmLastVisit = #12/31/9999#
    End Sub

    Private Function VisitorRow() As CVbUser
        Dim oVbUser As New CVbUser()
        Dim EmailFound As Boolean = oVbUser.Find(_sEmail)
        If EmailFound Then
            Return oVbUser
        Else
            Throw New Exception("Chapter_15-CVisitor: " _
                & "Missing VbUserDb Row")
        End If
    End Function
End Class

The CVisitor.Login method validates the visitor’s registration, prepares the VbCodeDb cookie, and adds both the VbCodeDb cookie and the FormsAuthentication cookie to the response.

The CVisitor.Logout method updates the VbUser database, removes the VbCodeDb cookie, and calls the FormsAuthentication.Signout method to rescind the visitor’s authentication. We have already presented the code, which is triggered by clicking a logout link and which calls the Logout method. The index.aspx page calls the Login method from the Page_PreRender event handler as follows:

If Me.smaccLogin.WasClicked Then
    'Visitor wants to log in
    Dim IsLoggedIn As Boolean = oVisitor.LogIn( _
        Me.txtEmail.Value, Me.txtPassword.Value)
    If IsLoggedIn Then
        'Return with authenticated credentials
        Response.Redirect("index.aspx")
    Else
        'Provide error message
        Me.spanErrMsg.InnerHtml = "<br /><font color='red'>" _
            & "Email or password not found.</font>"
    End If
End If

This code executes when the PreRender event fires to make sure that the MouseoverLink.vb custom control has had the opportunity to set its WasClicked property. If the login succeeds, the index.aspx redisplays in its personalized format. If not, the code adds a red error message.

  Previous: Getting the User Name from an Identity Object
  Next: Reading Database Information Efficiently

Home   Preview the Book   Chapter 15, TOC   Part 25

Copyright © 1996 - 2017 SoftMedia Artisans, Inc. All Rights Reserved.