User Approval

Topics: Developer Forum, Project Management Forum, User Forum
Apr 1, 2008 at 10:17 PM
Is there a way I can set this up so that when a new user goes to my web site and requests a user account, it generates an approval process where as I am notified of the request and I have to approve it before the account is activated.

We are setting up a members only section so that the employees of my organization can log in and access proprietary information so I dont want just anyone to be able to create their own accounts and then be able to access all the information.
Apr 4, 2008 at 7:22 AM
Hi

There is no "create user" control on the outside of the login so anonymous users cannot create a user and login.

So if you want to do this without any programming, you will have to add those users :)

/Marre
Apr 4, 2008 at 12:52 PM
Iv'e created a new EasyControl that do this.
The changes you have todo is to send the email to you before send it to a user.
See my post http://www.codeplex.com/MyWebPagesStarterKit/WorkItem/View.aspx?WorkItemId=15947

Apr 22, 2008 at 10:42 PM


rickardmagnusson wrote:
Iv'e created a new EasyControl that do this.
The changes you have todo is to send the email to you before send it to a user.
See my post http://www.codeplex.com/MyWebPagesStarterKit/WorkItem/View.aspx?WorkItemId=15947


I dont want the registration to be verified by the user themself, I want it to be verified and approved by the administrator of the web site (ie me) before they can access the secure pages.
Apr 23, 2008 at 5:23 AM
Hi again

With a small change you easally can do this with the control a posted above.
I changed the default IsApproved to false.
Then I send an email to both the user and myself.
The user cannot login until I approved them with my mail that also has a verifyuser link.

protected void NewUserWizard_SendingMail(object sender, MailMessageEventArgs e)
{
try{
// Get the UserId of the just-added user
MembershipUser newUser = Membership.GetUser(NewUserWizard.UserName);
Guid newUserId = (Guid)newUser.ProviderUserKey;

// Determine the full verification URL (i.e., http://yoursite.com/Verification.aspx?ID=...)
string urlBase = Request.Url.GetLeftPart(UriPartial.Authority) + Request.ApplicationPath;

string verifyUrl = "Verification.aspx?ID=" + newUserId.ToString();
string fullUrl = urlBase + verifyUrl;

//Send an message and let us know there's a new visitor
e.Message.CC.Add("info@somdomain.se");

TextBox mess = (TextBox)NewUserWizard.CreateUserStep.ContentTemplateContainer.FindControl("TextBox1");
string bdy = e.Message.Body;
bdy = bdy.Replace("<%TEXT%>", mess.Text.Trim());

e.Message.Body.Replace("<%TEXT%>","");

// Replace <%VerificationUrl%> with the appropriate URL and querystring
e.Message.Body = e.Message.Body.Replace("<%VerificationUrl%>", fullUrl);

TextBox email = (TextBox) NewUserWizard.CreateUserStep.ContentTemplateContainer.FindControl("Email");

MailMessage mail = new MailMessage("user@somedomain.se", "info@somedomain.se");

mail.SubjectEncoding = Encoding.UTF8;
mail.BodyEncoding = Encoding.UTF8;
mail.IsBodyHtml = true;
mail.Subject = "Verify new user";



string acceptUrl = urlBase + "VerAdm.aspx?VERIFICATION=" + newUserId.ToString();
mail.Body = bdy.Replace("<%VerificationUrl%>", acceptUrl);

SmtpClient client = new SmtpClient();
client.Send(mail);
}catch{

}

}


In my Verify.aspx.cs I added
protected void Page_Load(object sender, EventArgs e)
{
if (string.IsNullOrEmpty(Request.QueryString"VERIFICATION"))
{
StatusMessage.Text = "The id was not included in the querystring!";
}
else
{
Guid userId;
try
{
userId = new Guid(Request.QueryString"VERIFICATION".ToString().Trim());
}
catch
{
StatusMessage.Text = "The id passed into the querystring is not in the proper format!";
return;
}

MembershipUser usr = Membership.GetUser(userId);
if (usr == null)
{
StatusMessage.Text = "User account could not be found!! ";
}
else
{
if (Roles.IsUserInRole(usr.UserName, "Users"))
{
//Adding the user to Role "Users". If user isn't in Resellers, move the user to that group.
Roles.AddUserToRole(usr.UserName, "Resellers");
usr.IsApproved = true;
Membership.UpdateUser(usr);
}
StatusMessage.Text = "Account is now activated for user " + usr.UserName + ".";
}
}
}
Apr 23, 2008 at 4:43 PM


rickardmagnusson wrote:
Hi again

With a small change you easally can do this with the control a posted above.
I changed the default IsApproved to false.
Then I send an email to both the user and myself.
The user cannot login until I approved them with my mail that also has a verifyuser link.



Rickard, thanks so much thats great, and I appreciate you taking the time to work through the problem with a complete neophite such as myself. :-)
May 1, 2008 at 3:50 AM
Rickard, i apologize, but I amnot sure which file I am supposed to place the first bit of code you provided into, and I amnot sure where in the other file I am supposed to place the code you provided, does it just get added to the end. Again sorry to keep bugging you with this, thats just how new I am to all of this.