Whenever we built an application (specifically web based), we require to maintain the information of logged-in user on each page of the application. and typically, we also require to authorize the user before user can access any of the page.
To do so, what I feel is better is creating a base class and then handle everything there, without letting the developers of individual pages to worry about above things.
public class baseClass
{
public User UserDetails
{
get {return (User)session["userDetails"];}
}
protected bool AuthorizeUser()
{
//Authorize user here
}
protected bool AuthenticateUser()
{
//Authenticate user and put the authenticated user details in the session object
//which can be used later
}
}
