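/// <summary>
/// Runs the base authorization check and, when it passes, replaces the request's
/// principal with a <see cref="CustomUserPrincipal"/> rebuilt from the forms
/// authentication ticket's UserData.
/// </summary>
/// <param name="actionContext">The Web API action context being authorized.</param>
/// <remarks>
/// UserData is read as underscore-separated fields "email_id_fullName_role"; a ticket
/// with fewer than four fields leaves the request's principal untouched, as before.
/// A missing forms cookie, an undecryptable ticket or an expired ticket is now treated
/// as unauthorized, where the original either threw a NullReferenceException or used
/// the ticket regardless of its expiry. A failed base check now produces the standard
/// 401 response; the original had no else branch, so the action still executed.
/// </remarks>
public override void OnAuthorization(System.Web.Http.Controllers.HttpActionContext actionContext)
{
    if (!base.IsAuthorized(actionContext))
    {
        // Missing in the original: without this the action ran even when IsAuthorized was false.
        HandleUnauthorizedRequest(actionContext);
        return;
    }

    var cookie = HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName];
    if (cookie == null)
    {
        // Authorized by the base check but nothing to build the custom principal from.
        HandleUnauthorizedRequest(actionContext);
        return;
    }

    // Decrypt may throw on a tampered cookie; that still surfaces as a 500, as it did before.
    var ticket = FormsAuthentication.Decrypt(cookie.Value);
    if (ticket == null || ticket.Expired)
    {
        // Decrypt does not enforce expiry itself; a stale ticket must not yield a principal.
        HandleUnauthorizedRequest(actionContext);
        return;
    }

    var userData = ticket.UserData;
    if (string.IsNullOrEmpty(userData) || !userData.Contains("_"))
    {
        // NOTE(review): kept from the original — a ticket without the expected UserData
        // is let through without a CustomUserPrincipal, so `User as CustomUserPrincipal`
        // downstream will be null. Confirm this is intended.
        return;
    }

    var fields = userData.Split('_');
    if (fields.Length <= 3)
    {
        return;
    }

    var email = fields[0];
    var fullName = fields[2];
    var role = fields[3];

    Guid personId;
    if (!Guid.TryParse(fields[1], out personId))
    {
        // The original threw FormatException (HTTP 500) here; an unparsable id is
        // treated like any other malformed ticket.
        return;
    }

    var identity = new GenericIdentity(ticket.Name);
    var principal = new CustomUserPrincipal(identity, personId, email, role, fullName);
    HttpContext.Current.User = principal;
    Thread.CurrentPrincipal = principal;
}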
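/// <summary>
/// Changes the password of the authenticated user.
/// </summary>
/// <param name="model">The password-change request bound from the request body.</param>
/// <returns>
/// 200 with a confirmation message on success; 400 when the model is missing or
/// invalid; 401 when the request carries no <see cref="CustomUserPrincipal"/>;
/// otherwise the error result produced by <c>GetErrorResult</c>.
/// </returns>
public IHttpActionResult ChangePassword(ChangePasswordBindingModel model)
{
    if (model == null || !ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // `User as CustomUserPrincipal` is null when a different principal type is on the
    // request; the original dereferenced it unconditionally (NullReferenceException -> 500).
    var currentUser = User as CustomUserPrincipal;
    if (currentUser == null)
    {
        return Unauthorized();
    }

    var changeUserPasswordResult = _userManagement.ChangeUserPassword(currentUser.GetUserId(), model);
    if (!changeUserPasswordResult.IsSuccess)
    {
        return GetErrorResult(changeUserPasswordResult);
    }

    return Ok("Password Updated Successfully!");
}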
/// <summary>
/// Sets the audit defaults for a newly created entity: not deleted, UTC created/modified
/// timestamps, and — when the current thread principal is a
/// <see cref="CustomUserPrincipal"/> — the creator/modifier ids, names and organization.
/// </summary>
private void InitializeModel()
{
    IsDeleted = false;
    DateCreated = DateTime.UtcNow;
    DateModified = DateTime.UtcNow;

    var current = Thread.CurrentPrincipal as CustomUserPrincipal;
    if (current == null)
    {
        // No custom principal on the thread: the user-related audit fields stay as they are.
        return;
    }

    CreatedBy = current.PersonId;
    ModifiedBy = current.PersonId;
    CreatedByName = current.FullName;
    ModifiedByName = current.FullName;
    OrganizationId = current.OrganizationId;
}
/// <summary>
/// Populates the creation audit fields: clears the deleted flag, stamps created/modified
/// with the current UTC time, and copies the person id, full name and organization from
/// the current thread's <see cref="CustomUserPrincipal"/> when one is present.
/// </summary>
public void SetCreateProperties()
{
    IsDeleted = false;
    DateCreated = DateTime.UtcNow;
    DateModified = DateTime.UtcNow;

    var actor = Thread.CurrentPrincipal as CustomUserPrincipal;
    if (actor == null)
    {
        // Nothing to attribute the change to; user-related audit fields are left untouched.
        return;
    }

    CreatedBy = actor.PersonId;
    ModifiedBy = actor.PersonId;
    CreatedByName = actor.FullName;
    ModifiedByName = actor.FullName;
    OrganizationId = actor.OrganizationId;
}
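/// <summary>
/// Restores the <see cref="CustomUserPrincipal"/> for the current request from the forms
/// authentication cookie. Requests without a valid, unexpired ticket carrying well-formed
/// UserData are left anonymous so that downstream authorization rejects them.
/// </summary>
/// <param name="sender">The application raising the event.</param>
/// <param name="e">Event arguments (unused).</param>
protected void Application_AuthenticateRequest(object sender, EventArgs e)
{
    HttpCookie authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
    if (authCookie == null)
    {
        return;
    }

    var authTicket = FormsAuthentication.Decrypt(authCookie.Value);
    if (authTicket == null || authTicket.Expired)
    {
        // Decrypt does not enforce expiry; an expired or undecryptable ticket must not
        // become a principal (the original used expired tickets and threw on null).
        return;
    }

    UserData authDetails = JsonConvert.DeserializeObject<UserData>(authTicket.UserData);
    if (authDetails == null || authDetails.Roles == null)
    {
        // Malformed UserData (null payload or missing Roles) previously threw
        // NullReferenceException; treat it as no authentication instead.
        return;
    }

    var principal = new CustomUserPrincipal(
        new GenericIdentity(authTicket.Name),
        authDetails.Roles.ToArray(),
        authTicket.Name,
        authDetails.WebServiceToken,
        authDetails.UserId);
    Context.User = principal;
}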
/// <summary>
/// Authenticates the request from its Authorization header, verifies the bearer token
/// against the roles declared by the action's <see cref="AuthorizationActionAttribute"/>,
/// and installs a <see cref="CustomUserPrincipal"/> on success. Any failure short-circuits
/// the action with a 401 response.
/// </summary>
/// <param name="actionContext">The action context of the incoming request.</param>
public override void OnActionExecuting(System.Web.Http.Controllers.HttpActionContext actionContext)
{
    var requiredRoles = actionContext.ActionDescriptor
        .GetCustomAttributes<AuthorizationActionAttribute>()
        .First()
        .Roles;

    var header = actionContext.Request.Headers.Authorization;
    var headerUnusable = header == null
        || string.IsNullOrEmpty(header.Parameter)
        || string.IsNullOrEmpty(header.Scheme);
    if (headerUnusable)
    {
        // NOTE(review): only the presence of a scheme is checked, not its value, and the
        // 401 carries no WWW-Authenticate challenge (the original's open TODO).
        actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized);
        return;
    }

    var authInfo = _authorizationManagement.GetAuthorizationInformation(header.Parameter);
    var verdict = VerifyAuthorizationToken(authInfo, requiredRoles);
    if (!verdict.Authorized)
    {
        // Verification errors are returned to the caller as a JSON list of strings.
        actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized)
        {
            Content = new ObjectContent<List<string>>(verdict.Errors, new JsonMediaTypeFormatter())
        };
        return;
    }

    var principal = new CustomUserPrincipal(
        new GenericIdentity(authInfo.UserName),
        authInfo.Roles.ToArray(),
        authInfo.UserId);
    actionContext.RequestContext.Principal = principal;
    base.OnActionExecuting(actionContext);
}