public override void OnActionExecuting(ActionExecutingContext filterContext)
{
var context = filterContext.HttpContext;
if (context.Session["sessionid"] == null)
{
context.Session["sessionid"] = "empty";
}
//LoginsController loginsCtlr = new LoginsController();
//string userId = HttpContext.Current.User.Identity.GetUserId();
if (LoginsController.IsYourLoginStillTrue(System.Web.HttpContext.Current.User.Identity.Name, context.Session["sessionid"].ToString()))
{
if (!LoginsController.IsUserLoggedOnElsewhere(System.Web.HttpContext.Current.User.Identity.Name, context.Session["sessionid"].ToString()))
{
base.OnActionExecuting(filterContext);
}
else
{
// if it is being used elsewhere, update all their Logins records to LoggedIn = false, except for your session ID
LoginsController.LogEveryoneElseOut(System.Web.HttpContext.Current.User.Identity.Name, context.Session["sessionid"].ToString());
base.OnActionExecuting(filterContext);
}
}
else
{
FormsAuthentication.SignOut();
filterContext.Result = new RedirectToRouteResult(
new RouteValueDictionary {
{ "controller", "User" },
{ "action", "Login" }
});
}
}
