i have this code

[HttpPost]
public ActionResult Index(LoginModel loginModel)
{
    if (ModelState.IsValid)
    { 
       // some lines of code . bla bla bla
       TempData["loginModel"] = loginModel;
       return RedirectToAction("index", "premium");
     }
     ...
}

and this controller here

public ActionResult Index()
{
   var loginModel = TempData["loginModel"] as LoginModel;
   ...
}

now, when the page loads, everything seems to work fine. but when i refresh, everything messes up, it says that the loginModel is like null. the question is, how can i like keep track of the current login users. i have forms authentication enabled. tnx

error is as below

Object reference not set to an instance of an object.

Description: An unhandled exception occurred during the execution of the current web     request. Please review the stack trace for more information about the error and where it originated in the code. 

Exception Details: System.NullReferenceException: Object reference not set to an instance of an object.

Source Error: 


Line 22: 
Line 23:             var loginModel = TempData["loginModel"] as LoginModel;
Line 24:             string username = loginModel.username;
Line 25:             string password = loginModel.password;
Line 26:             premiumModel.username = username;

Confusion

but when i refresh, everything messes up, it says that the loginModel is like null

Answer

This is due to the fact that you have read the TempData key and Once it is read, data will be lost for that particular key.

var Value = TempData["keyName"] //Once read, data will be lost

Question

how can i like keep track of the current login users

Answer

So to persist the data even after the data is read you can Alive it like below

var Value = TempData["keyName"];
TempData.Keep();                 //Data will not be lost for all Keys
TempData.Keep("keyName");        //Data will not be lost for this Key

TempData works in new Tabs/Windows also, like Session variable does.

You could use Session Variable also, Only major problem is that Session Variable are very heavy comparing with TempData. Finally you are able to keep the data across Controllers/Area also.

Hope this post will help you alot.

You only need to store the user's identity (username) once the user is authenticated - password is not needed. As such ASP.NET authentication already supports storing user's identity in the authentication cookie and you don't have to re-invent the wheel. You can get the identity using Controller.User property.

EDIT: I am assuming that you have set up your application correctly for Forms Authentication. Regardless, here are few how-to/tutorial links that start you on it:

1. http://www.apexa.net/Blog/web_design_Blog_20100319.aspx
2. http://www.asp.net/mvc/tutorials/authenticating-users-with-forms-authentication-cs
3. Explain solution so that you don't have to apply Authorize attribute on every action - http://blogs.msdn.com/b/rickandy/archive/2011/05/02/securing-your-asp-net-mvc-3-application.aspx

TempData does only live for one request. Therefore it's empty when you make the second request. If you'd want to do it like this you should use Session instead or you can have a look at forms authentication.

You should also consider VinayC advice and not store any password information in any state, especially not in clear text format.

I suggest you create a new MVC 3 project in Visual Studio via File > New. It will set up forms authentication for you, so you can see the best practices for the login and registration pages, signing the user in/out with the session cookie, and displaying user info like username.