public ActionResult ExternalLoginCallback(string returnUrl) { var avansOAuth = (AvansOAuthClient)OAuthWebSecurity.GetOAuthClientData("avans").AuthenticationClient; AuthenticationResult result; try { result = avansOAuth.VerifyAuthentication(HttpContext); } catch { return RedirectToAction("ExternalLoginFailure"); } if (!result.IsSuccessful) { return RedirectToAction("ExternalLoginFailure"); } if (Session["currentUser"] == null) { BaroDB db = new BaroDB(); Student student = db.SearchStudentByStudentNumber(int.Parse(result.ProviderUserId)); if (student != null) { string name = student.FirstName + " " + student.LastName; Session["currentUser"] = new OAuth.CurrentUser { ID = student.Studentnr, DisplayName = name, Access = access.student }; } Teacher teacher = db.SearchTeacherByTeacherNumber(int.Parse(result.ProviderUserId)); //Teacher teacher = db.SearchTeacherByTeacherNumber(13); //Voor testen, login als leraar ondanks je student nr. if (teacher != null) { string name = teacher.FirstName + " " + teacher.LastName; switch(teacher.Role) { case TeacherAccess.mentor: Session["currentUser"] = new OAuth.CurrentUser { ID = teacher.DocentNumber, DisplayName = name, Access = access.mentor }; break; case TeacherAccess.tutor: Session["currentUser"] = new OAuth.CurrentUser { ID = teacher.DocentNumber, DisplayName = name, Access = access.tutor }; break; case TeacherAccess.projectDocent: Session["currentUser"] = new OAuth.CurrentUser { ID = teacher.DocentNumber, DisplayName = name, Access = access.projectDocent }; break; case TeacherAccess.admin: Session["currentUser"] = new OAuth.CurrentUser { ID = teacher.DocentNumber, DisplayName = name, Access = access.admin }; break; } } if (Session["currentUser"] != null) { return RedirectToLocal(returnUrl); } } return RedirectToAction("ExternalLoginFailure"); }
private bool IsAuthenticated() { if (Session["currentUser"] != null) { BaroDB db = new BaroDB(); Teacher teacher = db.SearchTeacherByTeacherNumber(((OAuth.CurrentUser)Session["currentUser"]).ID); if (teacher != null) { if (teacher.Role == TeacherAccess.mentor || teacher.Role == TeacherAccess.admin) { return true; } } } return false; }