Esempio n. 1
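        /// <summary>
        /// Builds the request principal from the forms-authentication cookie and the
        /// account's roles stored in the database.
        /// </summary>
        /// <remarks>
        /// Fails closed: if the cookie is missing, cannot be decrypted, has expired, or no
        /// longer maps to an account, <c>e.User</c> is left unset.
        /// </remarks>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event arguments; <c>e.User</c> receives the principal on success.</param>
        protected void FormsAuthentication_OnAuthenticate(Object sender, FormsAuthenticationEventArgs e)
        {
            if (!FormsAuthentication.CookiesSupported)
            {
                return;
            }

            var authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
            if (authCookie == null)
            {
                return;
            }

            try
            {
                var ticket = FormsAuthentication.Decrypt(authCookie.Value);

                // Decrypt does not enforce the ticket lifetime, and this handler assigns
                // e.User itself, so expiry has to be checked here explicitly.
                if (ticket == null || ticket.Expired)
                {
                    return;
                }

                string acc_name = ticket.Name;
                string roles;

                using (projectShopEntities entities = new projectShopEntities())
                {
                    Account account = entities.Accounts.SingleOrDefault(u => u.acc_name == acc_name);

                    // A valid ticket for an account that no longer exists must not
                    // produce an authenticated principal.
                    if (account == null)
                    {
                        return;
                    }

                    roles = account.Roles ?? string.Empty;
                }

                // Roles are stored as one ';'-separated string; empty entries are dropped
                // so an account without roles does not get a role named "".
                e.User = new System.Security.Principal.GenericPrincipal(
                    new System.Security.Principal.GenericIdentity(acc_name, "Forms"),
                    roles.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries));
            }
            catch (Exception ex)
            {
                // Deliberately best-effort: any failure leaves the request without a
                // principal. Record only the exception type, never the cookie contents.
                System.Diagnostics.Trace.TraceWarning(
                    "Forms authentication ticket could not be processed: " + ex.GetType().Name);
            }
        }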
Esempio n. 2
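        /// <summary>
        /// Lists the products whose category matches the id taken from the URL.
        /// </summary>
        /// <param name="Id">Category id; compared against <c>product_category</c>.</param>
        /// <returns>The view, with the matching products as its model.</returns>
        public ActionResult Produkt(int Id)
        {
            // Dispose the context when done; ToList() materializes the rows first, so the
            // view never enumerates a query on a disposed context.
            using (projectShopEntities db = new projectShopEntities())
            {
                List<Product> product = db.Products.Where(c => c.product_category == Id).ToList();

                return View(product);
            }
        }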
Esempio n. 3
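        /// <summary>
        /// Validates the posted credentials, issues the forms-authentication cookie, and
        /// redirects to a local return URL or to the admin start page.
        /// </summary>
        /// <param name="model">Posted account data; only <c>acc_name</c> and <c>acc_pass</c> are read.</param>
        /// <param name="returnUrl">Optional redirect target; followed only when it is a local path.</param>
        /// <returns>A redirect on success, otherwise the login view with a model error.</returns>
        // NOTE(review): acc_pass is compared to the stored column as-is, which implies the
        // password is stored in recoverable form. Store a salted, slow hash (e.g. PBKDF2)
        // and verify against that instead; this needs a schema change outside this method.
        // NOTE(review): the action binds the Account entity directly, so any posted field
        // is bound onto it; a dedicated login view model would limit that to the two
        // credentials. No [HttpPost] or [ValidateAntiForgeryToken] attribute is visible in
        // this listing; confirm they are applied.
        public ActionResult Login(Account model, string returnUrl)
        {
            if (!ModelState.IsValid)
            {
                return View(model);
            }

            string acc_name = model.acc_name;
            string acc_pass = model.acc_pass;

            // Reject empty credentials before querying: a null value compared in the query
            // could otherwise match rows whose column is NULL. Same generic message as a
            // failed lookup, so the response does not reveal which check failed.
            if (string.IsNullOrEmpty(acc_name) || string.IsNullOrEmpty(acc_pass))
            {
                ModelState.AddModelError("", "The user name or password provided is incorrect.");
                return View(model);
            }

            bool userValid;
            using (projectShopEntities entities = new projectShopEntities())
            {
                userValid = entities.Accounts.Any(account => account.acc_name == acc_name && account.acc_pass == acc_pass);
            }

            if (!userValid)
            {
                ModelState.AddModelError("", "The user name or password provided is incorrect.");
                return View(model);
            }

            // Session (non-persistent) cookie.
            FormsAuthentication.SetAuthCookie(acc_name, false);

            // Open-redirect guard: follow returnUrl only when it is a local, rooted path
            // and not a protocol-relative ("//host") or backslash ("/\host") form. Ordinal
            // comparison keeps the prefix checks independent of the current culture.
            bool isSafeLocalUrl = Url.IsLocalUrl(returnUrl)
                && returnUrl.Length > 1
                && returnUrl.StartsWith("/", StringComparison.Ordinal)
                && !returnUrl.StartsWith("//", StringComparison.Ordinal)
                && !returnUrl.StartsWith("/\\", StringComparison.Ordinal);

            if (isSafeLocalUrl)
            {
                return Redirect(returnUrl);
            }

            return RedirectToAction("Start", "Admin");
        }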