Esempio n. 1
0
 public static User Validate(string username, string password)
 {
     User user = new User(username);
     if (!user.IsNew && user.Active && Colourblind.Core.Security.CheckHash(password, user.Password))
         return user;
     else
         return null;
 }
        public void OnAuthorization(AuthorizationContext filterContext)
        {
            Models.User user = new Models.User(filterContext.HttpContext.User.Identity.Name);
            if (user == null || user.IsNew)
                throw new UnauthorizedAccessException("User not logged in");

            foreach (string permission in _requiredPermissions)
            {
                if (!user.HasPermission(permission))
                    throw new UnauthorizedAccessException(String.Format("User does not have required permission", user.UserId, permission));
            }
        }