This might be a really dumb question (I’m new to ASP.NET).
Anyways, I’m making a web application for practice that will manage students and their courses of a school. The information of the student’s courses, student id number, name, grade etc. will be stored on Student objects in the database. When an admin adds a student to the database, it will add a user account with the student’s name as the username, and the randomly generated 7-digit student id number as the password.
When the student is logged in, is there anyway that I can get the student model from the database that corresponds to the logged-in student with comparing the student-number to the password? Would there be a better or more secure approach to getting the corresponding user?
Answers:
Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.
Method 1
If password is randomly generated 7 digit number, there is a possibility that passwords can be duplicated unless you set the database password columns to unique. Personally I would avoid such approach as it creates more problems in future. Why not to get user object by user id?
All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0