Need help in login authentication using asp.net -

I'm able to authenticate the login page simply. How can I do that authentication in the 3-level architecture? Someone sends me a code, should I be in DAL, BAL, and GUI layers? Here's my simple code:

Web.config:

  & lt; Authentication mode = "form" & gt; & Lt; Form loginurl = "Login.aspx" & gt; & Lt; Credential Password Format = "Clear" & gt; & Lt; Username = "abcd" password = "1234" & gt; & Lt; / Credentials & gt; & Lt; / Authentication & gt; & Lt; / Form & gt; & Lt; Authority & gt; & Lt; Deny users = "?" & Gt; & Lt; / Authorization & gt;  

login.aspx.cs:

  sqlconnection con = new sqlconnection ("server = localhost; database = dbname; uid =; pwd =; relationalnection = truth"); Sqldata adapters da = new sqldata adapter ("Choose from Login * where username = '" + text box 1. text + "' and password = '" + text box 2. text + "' ', cone); dataset DS = New Dataset (); da.Fill (DS); if (DSTibules [0]. EmploymentCount> gt; {if (Form Attestation. Authenticate ("ABCD", "1234") {FormAuthentication.RedirectFromLoginPage ( TextBox1.Text, false); Response.write ("Logged in");} and (Response. Written ("Unharmed User");} Response. Redirect ("Welcome. Espx");} and You must have at least the following classes:  
 
 In DAL     
 P> 
 
 You should have a class in the bull that represents every user intent. There should be a method named "Login" in this class, where all certifications and authorization happen. 
 A web form representing the user interface   
 In addition to this, the query never adds strings to prevent SQL injection. Use the parameter instead.  
 Here are some example classes: Nameslation DAL {Public Class Connection Manager (Public Fixed SQL Connection Connection) (SQL Connection) CN = New SQL Connection ("Server = Localhost; database = dbna; uid =; pwd =; trustedconconction = true "); Cn.Open (); Return CN; }}} Namespace BAL {public class user {public string username {get; Set; } Public string password {Private received; Set; } Public login login () {return login (this.UserName, this.Password); } Public Butt logging (string user, string password) {bool success = false; (SqlConnection cn = ConnectionManager.GetConnection ()) using {string sql = "select from log count (*), where user name = @ user and password = @ password"; (Using SqlCommand command = new SqlCommand (sql, cn)) {command.Parameters ["@ user"]. Value = user; order. Parameter ["password @"]. Value = password; Success = (int) command. ExactSlock () & gt; 0; } Cn.Close (); } The success of the return; }}}