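/// <summary>
/// Authorizes the current request against the comma-separated <c>UserTypes</c> list
/// configured on this filter.
/// </summary>
/// <remarks>
/// Unauthenticated requests are redirected to the Account/Login route with the raw request
/// URL passed as <c>ReturnUrl</c>. Authenticated requests whose user type is not listed are
/// redirected to <c>~/Error/Index</c>. Any path that cannot positively establish a match
/// (unexpected identity type, missing or empty configuration) is treated as not authorized.
/// </remarks>
/// <param name="filterContext">The MVC authorization context for the current request.</param>
/// <exception cref="System.ArgumentNullException"><paramref name="filterContext"/> is null.</exception>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    if (filterContext == null)
    {
        throw new System.ArgumentNullException("filterContext");
    }

    // NOTE(review): the base implementation is not invoked. If the base type is
    // AuthorizeAttribute, its output-cache validation is skipped as well, so confirm that
    // actions protected by this filter are not served from the output cache.
    if (!filterContext.HttpContext.Request.IsAuthenticated)
    {
        // NOTE(review): ReturnUrl is taken from the request. The Login action is expected to
        // accept only local URLs (e.g. Url.IsLocalUrl) before redirecting back; verify there.
        filterContext.Result = new RedirectToRouteResult(
            new RouteValueDictionary
            {
                { "controller", "Account" },
                { "action", "Login" },
                { "ReturnUrl", filterContext.HttpContext.Request.RawUrl }
            });
        return;
    }

    // A soft cast keeps the decision fail-closed: an identity that was not produced by the
    // application's own authentication step is denied instead of raising InvalidCastException.
    var userInfo = filterContext.HttpContext.User.Identity as AuthoringUser;
    bool authorized = false;

    if (userInfo != null)
    {
        var allowedTypes = (this.UserTypes ?? string.Empty).Split(',');
        foreach (var entry in allowedTypes)
        {
            // Tolerate "A, B" style lists, and never let an empty entry (empty UserTypes,
            // trailing comma) match a user whose UserType is an empty string.
            var allowedType = entry.Trim();
            if (allowedType.Length == 0)
            {
                continue;
            }

            if (allowedType == userInfo.UserType)
            {
                authorized = true;
                break;
            }
        }
    }

    if (!authorized)
    {
        filterContext.Result = new RedirectResult("~/Error/Index");
    }
}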
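/// <summary>
/// Builds the request principal from the forms-authentication cookie when the cookie is
/// present, decrypts cleanly and carries a ticket that has not expired.
/// </summary>
/// <remarks>
/// In every other case <c>Context.User</c> is left untouched, so the request continues with
/// whatever principal the pipeline had already established. The user's <c>UserType</c> is
/// exposed as the single role of the resulting <see cref="GenericPrincipal"/>.
/// </remarks>
/// <param name="Sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
private void Application_AuthenticateRequest(object Sender, EventArgs e)
{
    HttpCookie authCookie = this.Context.Request.Cookies[FormsAuthentication.FormsCookieName];
    if (!IsValidAuthCookie(authCookie))
    {
        return;
    }

    // The cookie value is client-controlled. A value that cannot be decrypted is treated as
    // "no ticket" rather than surfacing as an unhandled exception on every request.
    // Other exception types propagate as before.
    FormsAuthenticationTicket ticket;
    try
    {
        ticket = FormsAuthentication.Decrypt(authCookie.Value);
    }
    catch (ArgumentException)
    {
        return;
    }
    catch (System.Security.Cryptography.CryptographicException)
    {
        return;
    }

    // Decrypt does not reject an expired ticket; the caller has to check Expired itself.
    // IsValidAuthCookie is not visible here, so the check is made explicitly.
    if (ticket == null || ticket.Expired)
    {
        return;
    }

    // NOTE(review): the previous code called FormsAuthentication.RenewTicketIfOld and dropped
    // the returned ticket, and the cookie write through FormsAuthenticationFactory was
    // commented out, so no renewed cookie was ever issued from this handler. Both dead
    // statements are removed. Confirm whether sliding expiration is handled elsewhere
    // (for example by the built-in forms authentication module).
    var authUser = new AuthoringUser(ticket);
    string[] userRoles = { authUser.UserType };
    this.Context.User = new GenericPrincipal(authUser, userRoles);
}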