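/// <summary>
/// Rebuilds the custom <see cref="Authentication"/> principal from the JSON user context stored
/// in the forms-authentication ticket's UserData.
/// NOTE(review): this filter currently enforces nothing. The role check and the assignment to
/// <c>HttpContext.Current.User</c> are commented out in the original, so the principal it builds
/// is discarded and every request passes regardless of the cookie's contents. Keep that in mind
/// before registering it as the application's authorization filter.
/// </summary>
/// <param name="filterContext">MVC authorization context for the current request.</param>
public void OnAuthorization(AuthorizationContext filterContext)
{
    bool isAuthenticated = CurrentUser != null
        && CurrentUser.Identity != null
        && CurrentUser.Identity.IsAuthenticated;
    if (!isAuthenticated)
    {
        return;
    }

    HttpCookie authCookie = filterContext.HttpContext.Request.Cookies[FormsAuthentication.FormsCookieName];
    if (authCookie == null || string.IsNullOrWhiteSpace(authCookie.Value))
    {
        return;
    }

    // The cookie is untrusted input: Decrypt returns null or throws for a tampered, foreign or
    // malformed ticket. Previously that surfaced as an unhandled exception (HTTP 500); treating
    // it as "no ticket" fails closed without the crash.
    FormsAuthenticationTicket authTicket;
    try
    {
        authTicket = FormsAuthentication.Decrypt(authCookie.Value);
    }
    catch (Exception)
    {
        authTicket = null;
    }
    if (authTicket == null)
    {
        return;
    }

    // UserData is inside the MAC-protected ticket, but may still be null/empty or from an older
    // login with a different shape, so the deserialized result is null-checked.
    JavaScriptSerializer serializer = new JavaScriptSerializer();
    AuthenticationSerialize serialiseAuth =
        serializer.Deserialize<AuthenticationSerialize>(authTicket.UserData);

    Authentication auth = new Authentication(authTicket.Name);
    if (serialiseAuth != null)
    {
        auth.UserContext = serialiseAuth.UserContext;
    }

    // Original (disabled) intent, kept for reference:
    //   if (auth.UserContext.RoleId == 1) HttpContext.Current.User = auth;
    //   else filterContext.Result = new RedirectResult("/Home/UnAuthorized");
    // Until that is re-enabled, `auth` is built and intentionally not used.
}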
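/// <summary>
/// Issues the forms-authentication cookie for a freshly validated user. The user's context
/// (<see cref="ContextViewModel"/>) is JSON-serialized into the ticket's UserData so the
/// authorization filter can rebuild the principal from the cookie alone on later requests.
/// NOTE(review): the serialized context includes <c>Password</c>, so the credential is sent to
/// the browser inside the (encrypted, MAC-protected) ticket on every request. The filter reads it
/// back into <c>SessionHelper.UserCredential</c>, which is why it is kept here; a server-side
/// lookup keyed on the user id would avoid ever round-tripping it through the client.
/// </summary>
/// <param name="UserDetails">API result whose first <c>Spartan_Users</c> entry is the user to sign in.</param>
/// <exception cref="ArgumentException">No user row is present in <paramref name="UserDetails"/>.</exception>
/// <exception cref="InvalidOperationException">AppSetting "SessionTimeOut" is missing or not a positive integer.</exception>
private void SetAuthentication(Spartan_User_Core UserDetails)
{
    if (UserDetails == null || UserDetails.Spartan_Users == null || UserDetails.Spartan_Users.Count == 0)
    {
        throw new ArgumentException("No user row to authenticate.", "UserDetails");
    }
    var userRow = UserDetails.Spartan_Users[0];

    // Values the authorization filter reads back out of the ticket.
    ContextViewModel context = new ContextViewModel
    {
        Email = userRow.Email,
        Id = userRow.Id,
        Id_User = userRow.Id_User,
        Password = userRow.Password,
        Role = userRow.Role,
        Status = userRow.Status,
        Name = userRow.Name,
        UserName = userRow.Username,
    };

    AuthenticationSerialize serialiseAuth = new AuthenticationSerialize
    {
        UserContext = new UserContextViewModel { CurrentUser = context },
    };
    string userData = new JavaScriptSerializer().Serialize(serialiseAuth);

    // "SessionTimeOut" is in minutes. Convert.ToInt32(null) silently yields 0 — a ticket that is
    // already expired — so a missing or malformed setting is reported instead.
    string timeoutSetting = ConfigurationManager.AppSettings["SessionTimeOut"];
    int timeoutMinutes;
    if (!int.TryParse(timeoutSetting, out timeoutMinutes) || timeoutMinutes <= 0)
    {
        throw new InvalidOperationException("AppSetting 'SessionTimeOut' must be a positive number of minutes.");
    }

    // FormsAuthenticationTicket treats both DateTime arguments as local time (it calls
    // ToUniversalTime() on them), so issue and expiry must come from the same clock. Mixing
    // DateTime.Now for issue with DateTime.UtcNow for expiry shifted the lifetime by the
    // server's UTC offset.
    DateTime issuedAt = DateTime.Now;
    DateTime expiresAt = issuedAt.AddMinutes(timeoutMinutes);

    // NOTE(review): the ticket name is the username twice; this looks like a copy/paste slip, but
    // Authentication(authTicket.Name) consumes the value downstream, so it is left unchanged.
    string ticketName = context.UserName + " " + context.UserName;
    FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(
        1, ticketName, issuedAt, expiresAt, false, userData);

    string encTicket = FormsAuthentication.Encrypt(authTicket);
    HttpCookie faCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket)
    {
        // Unlike FormsAuthentication.SetAuthCookie, a hand-built HttpCookie only picks up
        // HttpOnly/Secure from the global <httpCookies> defaults, so set them explicitly: the
        // ticket must not be readable from script, and must stay on HTTPS when the <forms>
        // element requires it.
        HttpOnly = true,
        Secure = FormsAuthentication.RequireSSL,
        Path = FormsAuthentication.FormsCookiePath,
    };

    // No Expires is set: the ticket is non-persistent, so the cookie is session-scoped.
    Response.Cookies.Add(faCookie);
}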
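/// <summary>
/// Authorization filter for the application: rebuilds the custom principal from the
/// forms-authentication cookie, re-validates the user against the user API the first time a
/// session sees it (populating <c>SessionHelper</c> and Session), and redirects anonymous or
/// rejected users to the login page.
/// </summary>
/// <param name="filterContext">MVC authorization context for the current request.</param>
/// <remarks>
/// Compared with the previous version: a cookie that fails to decrypt, a ticket without a usable
/// user context, and a user whose Status is not 1 (inactive) are all treated as "not logged in"
/// instead of being allowed through with a valid principal; the redirect is shared by one helper.
/// </remarks>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    string controller = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
    string action = filterContext.ActionDescriptor.ActionName;

    bool isAuthenticated = CurrentUser != null
        && CurrentUser.Identity != null
        && CurrentUser.Identity.IsAuthenticated
        && SessionHelper.Relogin == false;

    if (!isAuthenticated)
    {
        // NOTE(review): General/ExecuteQueryTable is reachable with no authentication at all.
        // Confirm that endpoint is meant to be public and does its own authorization; an
        // anonymous query executor is a serious exposure otherwise.
        bool isAnonymousEndpoint = controller == "General" && action == "ExecuteQueryTable";
        if (!IsLoginPage(controller, action) && !isAnonymousEndpoint)
        {
            RedirectToLogin(filterContext);
        }
        return;
    }

    HttpCookie authCookie = filterContext.HttpContext.Request.Cookies[FormsAuthentication.FormsCookieName];
    if (authCookie == null || string.IsNullOrWhiteSpace(authCookie.Value))
    {
        // Unchanged from the original: an authenticated identity without a forms cookie is
        // neither rebuilt nor redirected.
        return;
    }

    Authentication auth = ReadAuthentication(authCookie);
    if (auth == null)
    {
        // Tampered, foreign or malformed ticket. Previously this was an unhandled exception
        // (HTTP 500); now it is handled like an anonymous request.
        if (!IsLoginPage(controller, action))
        {
            RedirectToLogin(filterContext);
        }
        HttpContext.Current.User = null;
        return;
    }

    // First request of a session: re-validate against the user API and cache the result.
    if (SessionHelper.UserEntity == null || SessionHelper.UserCredential == null)
    {
        if (!LoadUserIntoSession(auth))
        {
            // Previously only an unknown user was rejected here; an inactive user (Status != 1)
            // fell through and was still assigned as the request principal.
            if (!IsLoginPage(controller, action))
            {
                RedirectToLogin(filterContext);
            }
            auth = null;
        }
    }

    HttpContext.Current.User = auth;
}

/// <summary>
/// True when the request must stay reachable without a valid login (otherwise the redirect
/// would loop). NOTE(review): this is the original condition — it is satisfied by any action on
/// the Account controller and by an action named "Login" on any controller; tighten it to
/// <c>controller == "Account" &amp;&amp; action == "Login"</c> if only the login page was meant.
/// </summary>
private static bool IsLoginPage(string controller, string action)
{
    return controller == "Account" || action == "Login";
}

/// <summary>Short-circuits the request with a redirect to the login page and an error banner.</summary>
private static void RedirectToLogin(AuthorizationContext filterContext)
{
    filterContext.Controller.TempData["cssClass"] = "error";
    filterContext.Controller.TempData["message"] = "You are not logged in.";
    filterContext.Result = new RedirectResult("~/Account/Login");
}

/// <summary>
/// Decrypts the forms ticket in <paramref name="authCookie"/> and rebuilds the principal from
/// its UserData. Returns null when the cookie cannot be trusted or carries no user context.
/// </summary>
private static Authentication ReadAuthentication(HttpCookie authCookie)
{
    FormsAuthenticationTicket authTicket;
    try
    {
        authTicket = FormsAuthentication.Decrypt(authCookie.Value);
    }
    catch (Exception)
    {
        // The cookie is untrusted input; Decrypt throws (or returns null) for tampered,
        // foreign or malformed tickets, and any such failure means "no ticket".
        authTicket = null;
    }
    if (authTicket == null || authTicket.Expired)
    {
        return null;
    }

    // UserData sits inside the MAC-protected ticket, but it is still JSON written by an older
    // login; a shape mismatch after a deploy should not become an unhandled exception.
    AuthenticationSerialize serialiseAuth;
    try
    {
        serialiseAuth = new JavaScriptSerializer().Deserialize<AuthenticationSerialize>(authTicket.UserData);
    }
    catch (Exception)
    {
        serialiseAuth = null;
    }
    if (serialiseAuth == null || serialiseAuth.UserContext == null || serialiseAuth.UserContext.CurrentUser == null)
    {
        // Everything downstream dereferences UserContext.CurrentUser, so a ticket without it
        // is not a usable principal.
        return null;
    }

    Authentication auth = new Authentication(authTicket.Name);
    auth.UserContext = serialiseAuth.UserContext;
    return auth;
}

/// <summary>
/// Re-validates the cookie's user against the user API and caches the result in
/// <c>SessionHelper</c> and Session. Returns false — caching nothing — when the API does not know
/// the user or the user is not active (Status != 1).
/// </summary>
private static bool LoadUserIntoSession(Authentication auth)
{
    ISpartan_UserApiConsumer userApi = new Spartan_UserApiConsumer();
    ISpartane_FileApiConsumer fileApi = new Spartane_FileApiConsumer();

    // NOTE(review): the filter below is a SQL-style predicate handed to the API (the literal
    // values are redacted in this listing). If the username/password are concatenated into it
    // from auth.UserContext.CurrentUser, the predicate is injectable by anyone who can get a
    // value into the cookie's user context — the API should take them as parameters. Note also
    // that the password used here is read back from the client-side cookie.
    Spartan_User_Core userDetails = userApi.ValidateUser(1, 10,
        "Username = '******' COLLATE SQL_Latin1_General_CP1_CS_AS And Password = '******' COLLATE SQL_Latin1_General_CP1_CS_AS").Resource;

    if (userDetails == null || userDetails.Spartan_Users == null || userDetails.Spartan_Users.Count == 0)
    {
        return false;
    }

    var userRow = userDetails.Spartan_Users[0];
    if (userRow.Status != 1)
    {
        return false;
    }

    TTUsuario user = new TTUsuario
    {
        /*CODMANINI-UPD*/
        IdUsuario = Convert.ToInt32(userRow.Id_User),
        /*CODMANFIN-UPD*/
        Nombre = Convert.ToString(userRow.Name),
        Clave_de_Acceso = userRow.Username,
    };

    // User core entity and avatar.
    SessionHelper.UserEntity = userRow;
    var userImage = fileApi.GetByKey(Convert.ToInt32(userRow.Image)).Resource;
    if (userImage != null && userImage.File != null)
    {
        SessionHelper.UserImage = userImage.File;
    }

    // Credentials as carried by the cookie's user context.
    SessionHelper.UserCredential = new Spartane_Credential
    {
        Password = auth.UserContext.CurrentUser.Password,
        UserName = auth.UserContext.CurrentUser.UserName,
    };

    // Role id and role object.
    SessionHelper.Role = userRow.Role;
    var role = userRow.Role_Spartan_User_Role;
    SessionHelper.Sprtan_Role = new RoleSpartanUserRole
    {
        Id = role.Id,
        Description = role.Description,
        Status = role.Status,
        Status_Spartan_User_Role_Status = role.Status_Spartan_User_Role_Status,
        User_Role_Id = role.User_Role_Id,
    };

    HttpContext.Current.Session["USERID"] = user.IdUsuario;
    HttpContext.Current.Session["USERROLEID"] = role.User_Role_Id;
    return true;
}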