//protected void FormsAuthentication_OnAuthenticate(Object sender, FormsAuthenticationEventArgs e)
//{
// if (FormsAuthentication.CookiesSupported == true)
// {
// if (Request.Cookies[FormsAuthentication.FormsCookieName] != null)
// {
// try
// {
// //let us take out the username now
// string username = FormsAuthentication.Decrypt(Request.Cookies[FormsAuthentication.FormsCookieName].Value).Name;
// string roles = string.Empty;
// using (RolesModel entities = new RolesModel())
// {
// User user = entities.Users.SingleOrDefault(u => u.Username == username);
// roles = user.RoleID.ToString();
// }
// //let us extract the roles from our own custom cookie
// //Let us set the Pricipal with our user specific details
// e.User = new System.Security.Principal.GenericPrincipal(
// new System.Security.Principal.GenericIdentity(username, "Forms"), roles.Split(';'));
// }
// catch (Exception)
// {
// //somehting went wrong
// }
// }
// }
//}
protected void Application_PostAuthenticateRequest(Object sender, EventArgs e)
{
if (FormsAuthentication.CookiesSupported == true)
{
if (Request.Cookies[FormsAuthentication.FormsCookieName] != null)
{
try
{
//let us take out the username now
string username = FormsAuthentication.Decrypt(Request.Cookies[FormsAuthentication.FormsCookieName].Value).Name;
string roles = string.Empty;
using (RolesModel entities = new RolesModel())
{
User user = entities.Users.SingleOrDefault(u => u.Username == username);
roles = user.RoleID.ToString();
}
//let us extract the roles from our own custom cookie
//Let us set the Pricipal with our user specific details
HttpContext.Current.User = new System.Security.Principal.GenericPrincipal(
new System.Security.Principal.GenericIdentity(username, "Forms"), roles.Split(';'));
}
catch (Exception)
{
//somehting went wrong
}
}
}
}
public ActionResult Login(User login, string ReturnUrl)
{
if (ModelState.IsValid)
{
using (RolesModel entities = new RolesModel())
{
string username = login.Username;
string password = login.Password;
// Now if our password was enctypted or hashed we would have done the
// same operation on the user entered password here, But for now
// since the password is in plain text lets just authenticate directly
bool userValid = entities.Users.Any(user => user.Username == username && user.Password == password);
// User found in the database
if (userValid)
{
FormsAuthentication.SetAuthCookie(username, false);
if (Url.IsLocalUrl(ReturnUrl) && ReturnUrl.Length > 1 && ReturnUrl.StartsWith("/")
&& !ReturnUrl.StartsWith("//") && !ReturnUrl.StartsWith("/\\"))
{
return Redirect(ReturnUrl);
}
else
{
return RedirectToAction("Index", "Home");
}
}
else
{
ModelState.AddModelError("", "Sai username hoặc password");
}
}
}
// If we got this far, something failed, redisplay form
return View(login);
}
public ActionResult Register(User register)
{
List<Role> lstrole = new List<Role>();
using (RolesModel dt = new RolesModel())
{
lstrole = dt.Roles.OrderBy(n => n.RoleName).ToList();
}
try
{
if(ModelState.IsValid)
{
db.Entry(register).State = EntityState.Added;
db.SaveChanges();
return RedirectToAction("Index", "Home");
}
return View(register);
}
catch
{
return View();
}
}
public ActionResult Register()
{
List<Role> lstrole = new List<Role>();
using(RolesModel dt = new RolesModel())
{
lstrole = dt.Roles.OrderBy(n => n.RoleName).ToList();
}
ViewBag.Roles = new SelectList(lstrole, "RoleID", "RoleName");
return View();
}
