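/// <summary>
/// Authorizes the current request by looking up the signed-in user's stored role
/// (via <c>AppUserLoginInfoService.FindByUsername</c>) and allowing the request only
/// when that role name is one of <c>UserProfilesRequired</c>. A request with no identity,
/// an unknown user, a role value outside the <c>Role</c> enum, or a role outside the
/// required set is redirected to the Home/Index action instead of reaching the action.
/// </summary>
/// <param name="context">The MVC authorization context for the current request.</param>
/// <exception cref="ArgumentNullException"><paramref name="context"/> is null.</exception>
public override void OnAuthorization(AuthorizationContext context)
{
    if (context == null)
    {
        throw new ArgumentNullException("context");
    }

    // Read the principal from the filter context rather than the static HttpContext.Current,
    // so the filter uses the same request the framework is authorizing.
    string identityName = null;
    if (context.HttpContext != null && context.HttpContext.User != null && context.HttpContext.User.Identity != null)
    {
        identityName = context.HttpContext.User.Identity.Name;
    }

    // An anonymous request (empty name) or a name with no stored user is simply unauthorized;
    // previously a missing user produced a NullReferenceException instead of a redirect.
    AppUserLoginInfo user = null;
    if (!string.IsNullOrEmpty(identityName))
    {
        AppUserLoginInfoService service = new AppUserLoginInfoService();
        user = service.FindByUsername(identityName);
    }

    // Enum.GetName returns null for a value that is not a defined Role member; treat that as no role.
    string userRole = user != null ? Enum.GetName(typeof(Role), user.Role) : null;

    bool authorized = false;
    if (userRole != null && UserProfilesRequired != null)
    {
        foreach (var role in UserProfilesRequired)
        {
            // Ordinal string comparison: role names are identifiers, not user-facing text.
            if (userRole == role)
            {
                authorized = true;
                break;
            }
        }
    }

    if (!authorized)
    {
        // Unauthorized requests are redirected (not answered with 401/403); the action never runs.
        var url = new UrlHelper(context.RequestContext);
        var logonUrl = url.Action("Index", "Home", new { Id = 302, Area = "" });
        context.Result = new RedirectResult(logonUrl);
    }
}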
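/// <summary>
/// Handles the login form POST. <paramref name="command"/> selects the operation:
/// "Log In" checks the posted credentials against <c>db.Users</c> and writes the session
/// cookies; "Sign Up" creates a new viewer account. Any other command, a null model or an
/// invalid model state re-displays the form.
/// </summary>
/// <param name="command">The submit button value: "Log In" or "Sign Up".</param>
/// <param name="data">The posted username/password pair.</param>
/// <returns>A redirect on success; otherwise the login view with <paramref name="data"/>.</returns>
public ActionResult Login(string command, AppUserLoginInfo data)
{
    // NOTE(review): the attributes on this action are outside this excerpt; confirm it carries
    // [HttpPost] and an anti-forgery token check, since both branches change server state.
    if (data == null)
    {
        // Nothing was bound; show an empty form rather than dereferencing null below.
        return View(new AppUserLoginInfo());
    }
    if (!ModelState.IsValid)
    {
        return View(data);
    }

    switch (command)
    {
        case "Log In":
            return HandleLogIn(data);
        case "Sign Up":
            return HandleSignUp(data);
        default:
            return View(data);
    }
}

/// <summary>
/// Validates the credentials, writes the "NYCUser" cookies on success and redirects;
/// failures re-display the form with an error message.
/// </summary>
private ActionResult HandleLogIn(AppUserLoginInfo data)
{
    try
    {
        // NOTE(review): stored passwords are unsalted MD5 (CalculateMD5Hash). Moving to a salted,
        // slow hash (e.g. PBKDF2) requires migrating existing rows, so the scheme is not changed here.
        string hashedPassword = mainDAL.CalculateMD5Hash(data.Password);
        User _user = db.Users
            .Where(w => w.Username.ToLower() == data.Username.ToLower() && w.Password == hashedPassword && !w.IsDeleted)
            .FirstOrDefault();

        if (_user == null)
        {
            // One message for both unknown user and wrong password, so the response does not reveal which.
            TempData["ErrorMessage"] = "Your username or password is not correct";
            return View(data);
        }

        string isAdmin = _user.UserRole.RoleName == GlobalVariables.AdminRoleName ? "True" : "False";
        // Hoisted: the domain and expiry were previously recomputed for each of the three cookies.
        string cookieDomain = IPGlobalProperties.GetIPGlobalProperties().DomainName;
        DateTime expiry = DateTime.Now.AddDays(2);

        // NOTE(review): login state and the admin flag are carried in a client-side cookie. Unless
        // StoreInCookie signs or encrypts the values, code that reads "IsLogged"/"IsAdmin" must not
        // treat them as authoritative — verify against the cookie readers.
        GlobalVariables.StoreInCookie("NYCUser", cookieDomain, "Username", _user.Username, expiry, false);
        GlobalVariables.StoreInCookie("NYCUser", cookieDomain, "IsLogged", "True", expiry, false);
        GlobalVariables.StoreInCookie("NYCUser", cookieDomain, "IsAdmin", isAdmin, expiry, false);

        // Accounts still on the initial password are sent to ChangePassword before anything else.
        if (hashedPassword == mainDAL.CalculateMD5Hash(GlobalVariables.InitPassword))
        {
            return RedirectToAction("ChangePassword");
        }
        return RedirectToAction("Index", "Home");
    }
    catch (Exception ex)
    {
        mainDAL.RecordInLogger("ERROR", "Login", FormatExceptionMessage(ex), "", "");
        // Previously the form came back with no message; mirror the Sign Up branch with a generic
        // error that does not expose exception details.
        TempData["ErrorMessage"] = "Some error happens and you are not logged in successfully";
        return View(data);
    }
}

/// <summary>
/// Creates a new viewer account for the posted credentials, or reports that the username is taken.
/// </summary>
private ActionResult HandleSignUp(AppUserLoginInfo data)
{
    try
    {
        // NOTE(review): this check and the insert below are not atomic; a unique index on
        // Username is the real guard against duplicate registrations — confirm it exists.
        if (db.Users.Any(w => w.Username.ToLower() == data.Username.ToLower()))
        {
            // NOTE(review): this literal was split across two lines in the source; reconstructed as one sentence.
            TempData["ErrorMessage"] = "This username is taken. Please choose other one";
            return View(data);
        }

        User _user = new User
        {
            Username = data.Username,
            Password = mainDAL.CalculateMD5Hash(data.Password),
            // New accounts always start as viewers; the role is never taken from the form.
            Role_ID = GlobalVariables.ViewerRoleID,
            IsDeleted = false
        };
        db.Users.Add(_user);
        db.SaveChanges();

        TempData["InfoMessage"] = "You are registered successfully";
        return RedirectToAction("Login");
    }
    catch (Exception ex)
    {
        mainDAL.RecordInLogger("ERROR", "Sign Up", FormatExceptionMessage(ex), "", "");
        TempData["ErrorMessage"] = "Some error happens and you are not registered successfully";
        return View(data);
    }
}

/// <summary>
/// Builds the log text for an exception: the message, plus the inner exception's message when present.
/// </summary>
/// <param name="ex">The caught exception.</param>
/// <returns>"Message: ..." optionally followed by a new line and "InnerException: ...".</returns>
private static string FormatExceptionMessage(Exception ex)
{
    string message = "Message: " + ex.Message;
    if (ex.InnerException != null)
    {
        message += Environment.NewLine + "InnerException: " + ex.InnerException.Message;
    }
    return message;
}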
// GET: AppUsers/Login
/// <summary>
/// Renders the login form with an empty <see cref="AppUserLoginInfo"/> model.
/// </summary>
/// <returns>The login view bound to a fresh, empty model.</returns>
public ActionResult Login()
{
    var emptyModel = new AppUserLoginInfo();
    return View(emptyModel);
}