public void MvcApplication_PostAuthenticateRequest(object sender, EventArgs e)
{
var authCookie = HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName];
if (authCookie != null)
{
string encTicket = authCookie.Value;
if (!String.IsNullOrEmpty(encTicket))
{
var ticket = FormsAuthentication.Decrypt(encTicket);
var id = new CustomIdentity(ticket);
//var userRoles = Roles.GetRolesForUser(id.Name); //get role
var userRoles = new string[] { };
var prin = new GenericPrincipal(id, userRoles);
HttpContext.Current.User = prin;
}
}
}
/// <summary>
///
/// </summary>
/// <param name="filterContext"></param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
HttpCookie cookie = HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName];
if (cookie != null)
{
FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(cookie.Value);
var customidentity = new CustomIdentity(ticket);
if (customidentity == null || !customidentity.IsInRole(Role))
{
//ContentResult Content = new ContentResult();
//Content.Content = "<script type='text/javascript'>alert('Auth verify Failed!');history.go(-1);</script>";
//filterContext.Result = Content;
//throw new HttpException(401, null);
filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary(new
{
controller = "Error",
name = customidentity.Name,
action = "AccessDenied"
}));
}
string viewBagUsername = filterContext.Controller.ViewBag.UserName;
if (!string.IsNullOrEmpty(viewBagUsername))
{
string currentUsername = customidentity.Name;
if (viewBagUsername.ToLower() != currentUsername.ToLower())
{
//if (customidentity.Roles[0] == "User")
//{
// filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary(new
// {
// action = "AccessDenied",
// controller = "Error"
// }));
//}
//else if (customidentity.Roles[0] == "PowerUser")
//{
// string[] users = null;
// //new ProxyHelper<IMember>().Use(code =>
// //{
// // users = code.GetOrgUsersByUsername(currentUsername);
// //}, Constants.MEMBER_ENDPOINT);
// MemberService.MemberClient memberService = new MemberService.MemberClient();
// users = memberService.GetOrgUsersByUsername(currentUsername);
// if(!Helpers.HasInVale(users,viewBagUsername))
// {
// filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary(new
// {
// action = "AccessDenied",
// controller = "Error"
// }));
// }
//}
filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary(new
{
controller = "Error",
name = customidentity.Name,
action = "AccessDenied"
}));
}
}
}
}