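/// <summary>
/// Authorization filter (variant backed by <c>SessionKeys.User</c> and
/// <c>GetUserAdministrator</c>). Once the base <see cref="AuthorizeCore"/> check passes it:
/// requires a <see cref="VauctionPrincipal"/>, requires a session user, enforces IP binding
/// for buyers, periodically re-validates the account against the data store, and finally
/// matches the comma-separated <c>Roles</c> list against the session user's type.
/// Every failing check either logs the user out or sets <c>filterContext.Result</c> so the
/// action never executes. Security-relevant changes versus the previous revision:
/// the authenticated-but-rejected-by-AuthorizeCore case no longer falls through to the
/// action (fail closed), role matching is ordinal and whitespace-tolerant, and the
/// access-denied redirect is expressed as a filter result instead of
/// <c>Response.Redirect</c>.
/// </summary>
/// <param name="filterContext">MVC authorization context; must not be null.</param>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="filterContext"/> is null.</exception>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    if (filterContext == null)
    {
        throw new ArgumentNullException("filterContext");
    }

    var httpContext = filterContext.HttpContext;

    if (!AuthorizeCore(httpContext))
    {
        if (!httpContext.User.Identity.IsAuthenticated)
        {
            NotAuthorized(filterContext);
        }
        else
        {
            // Fail closed. The previous revision only handled the unauthenticated case here
            // and let an authenticated user that AuthorizeCore rejected run the action.
            filterContext.Result = new RedirectResult("/Home/AccessDenyed");
        }
        return;
    }

    // Authenticated, but not with the application's principal type: treat as a broken login.
    VauctionPrincipal principal = httpContext.User as VauctionPrincipal;
    if (principal == null)
    {
        LogOutUser(filterContext);
        return;
    }

    VauctionIdentity identity = principal.UIdentity;

    SessionUser user = httpContext.Session[SessionKeys.User] as SessionUser;
    if (user == null)
    {
        LogOutUser(filterContext);
        return;
    }

    // Session/IP binding: a buyer's session is tied to the address it was created from.
    // Ordinal comparison — an IP string is not linguistic text.
    // NOTE(review): only buyers are IP-bound; other user types are not. Confirm this is intended.
    bool ipChanged = !string.Equals(user.IP, httpContext.Request.UserHostAddress, StringComparison.OrdinalIgnoreCase);
    if (ipChanged && user.IsBuyer)
    {
        LogOutUser(filterContext);
        return;
    }

    // Periodic re-validation of the account against the data store (interval: statusCheckTime).
    if (principal.IsNeedToCheckStatus(statusCheckTime))
    {
        User usr = ProjectConfig.Config.DataProvider.GetInstance().UserRepository.GetUserAdministrator(identity.ID, identity.Name);

        // NOTE(review): condition preserved verbatim but it reads as inverted — the ticket is
        // re-issued only when the session status is NOT Active, and every other outcome
        // (including an Active session user) logs out. Confirm the intended semantics of
        // SessionUser.Status before touching this branch.
        if (usr != null && user.Status != (byte)Consts.UserStatus.Active)
        {
            IFormsAuthenticationService formsService = new FormsAuthenticationService();
            formsService.SignIn(usr.Login, identity.RememberMe, usr);
        }
        else
        {
            LogOutUser(filterContext);
            return;
        }
    }

    if (!String.IsNullOrEmpty(Roles))
    {
        // Roles is a comma-separated list of Consts.UserTypes names; the session user's type
        // must match one entry exactly (ordinal, case-sensitive). Entries are trimmed so
        // "Admin, Seller" behaves like "Admin,Seller" instead of silently denying.
        string userType = ((Consts.UserTypes)user.UserType).ToString();
        bool allowed = false;
        foreach (string role in Roles.Split(','))
        {
            if (string.Equals(role.Trim(), userType, StringComparison.Ordinal))
            {
                allowed = true;
                break;
            }
        }

        if (!allowed)
        {
            // Set the filter result rather than calling Response.Redirect: this short-circuits
            // the MVC pipeline cleanly (no ThreadAbortException) and the action never runs.
            filterContext.Result = new RedirectResult("/Home/AccessDenyed");
        }
    }
}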
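/// <summary>
/// Session-consistency filter. Detects a "crossed" session — the forms-authentication
/// identity and the user held by <c>AppHelper.CurrentUser</c> disagree on the user ID —
/// logs the event with the session ID and both IDs, and logs the user out. Also abandons a
/// session that still holds a user after the authentication cookie is gone.
/// Child actions and requests without session state are not checked.
/// </summary>
/// <param name="filterContext">MVC authorization context; must not be null.</param>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="filterContext"/> is null.</exception>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    if (filterContext == null)
    {
        throw new ArgumentNullException("filterContext");
    }

    var httpContext = filterContext.HttpContext;

    // Nothing to cross-check without a session; child actions were already checked by the
    // parent request.
    if (httpContext.Session == null || filterContext.IsChildAction)
    {
        return;
    }

    var user = AppHelper.CurrentUser;
    if (user == null)
    {
        return;
    }

    if (!httpContext.User.Identity.IsAuthenticated)
    {
        // Session still carries a user but the request is unauthenticated: drop the stale session
        // so it cannot be picked up by a later login on the same session ID.
        httpContext.Session.Abandon();
        return;
    }

    var principal = httpContext.User as VauctionPrincipal;
    if (principal == null)
    {
        // The log-out here was commented out in the original; kept as a deliberate no-op.
        // NOTE(review): an authenticated request with a non-Vauction principal skips the
        // cross-session check below — confirm this is acceptable.
        return;
    }

    VauctionIdentity identity = principal.UIdentity;
    if (identity.ID != user.ID)
    {
        // Read the session ID from the filter's context rather than the static HttpContext.Current.
        Logger.LogInfo(String.Format("[SESSION-ERROR][CHECK]: Type:Mixed | SessionID:{0} | User_ID:{1} | CrossedUser_ID: {2}", httpContext.Session.SessionID, identity.ID, user.ID));
        LogOutUser(filterContext);
    }
}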
/// <summary>
/// Creates a principal that wraps the supplied application identity.
/// </summary>
/// <param name="_identity">Identity exposed by this principal; stored as-is (no null check is performed).</param>
public VauctionPrincipal(VauctionIdentity _identity)
{
    this.identity = _identity;
}
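/// <summary>
/// Authorization filter (variant backed by <c>AppHelper.CurrentUser</c> and
/// <c>GetUserActiveAndApproved</c>). Once the base <see cref="AuthorizeCore"/> check passes it:
/// requires a <see cref="VauctionPrincipal"/>, requires a current user, periodically
/// re-validates the account against the data store, restricts backend-flagged filters to
/// admin-type users, and matches the comma-separated <c>Roles</c> list against the user's type.
/// Every failing check either logs the user out or calls <c>NotAuthorized</c> so the action
/// never executes. Security-relevant changes versus the previous revision: the
/// authenticated-but-rejected-by-AuthorizeCore case no longer falls through to the action
/// (fail closed), and role matching is ordinal and whitespace-tolerant.
/// A cross-session identity/user check that used to live in this method was already
/// commented out; it is not performed here.
/// </summary>
/// <param name="filterContext">MVC authorization context; must not be null.</param>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="filterContext"/> is null.</exception>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    if (filterContext == null)
    {
        throw new ArgumentNullException("filterContext");
    }

    var httpContext = filterContext.HttpContext;

    if (!AuthorizeCore(httpContext))
    {
        // Fail closed. The previous revision only handled the unauthenticated case here and let an
        // authenticated user that AuthorizeCore rejected run the action. NotAuthorized is the same
        // outcome this filter already uses for an authenticated user with the wrong role.
        NotAuthorized(filterContext);
        return;
    }

    // Authenticated, but not with the application's principal type: treat as a broken login.
    VauctionPrincipal principal = httpContext.User as VauctionPrincipal;
    if (principal == null)
    {
        LogOutUser(filterContext);
        return;
    }

    VauctionIdentity identity = principal.UIdentity;

    var user = AppHelper.CurrentUser;
    if (user == null)
    {
        LogOutUser(filterContext);
        return;
    }

    // Periodic re-validation of the account against the data store (interval: statusCheckTime).
    if (principal.IsNeedToCheckStatus(statusCheckTime))
    {
        User usr = ProjectConfig.Config.DataProvider.GetInstance().UserRepository.GetUserActiveAndApproved(identity.ID, identity.Name);

        // NOTE(review): condition preserved verbatim but it reads as inverted — the "keep the
        // session" branch is taken only when the session status is NOT Active (the re-sign-in it
        // once did is commented out), and every other outcome, including an Active user found in
        // the store, logs out. Confirm the intended semantics before touching this branch.
        if (usr != null && user.Status != (byte)Consts.UserStatus.Active)
        {
            // Previously re-issued the forms ticket here; intentionally disabled in the original.
        }
        else
        {
            LogOutUser(filterContext);
            return;
        }
    }

    // Filters declared with IsBackendUser = "true" are reserved for admin-type accounts.
    bool isBackend = false;
    if (!String.IsNullOrEmpty(IsBackendUser) && Boolean.TryParse(IsBackendUser, out isBackend) && isBackend && !user.IsAdminType)
    {
        LogOutUser(filterContext);
        return;
    }

    if (!String.IsNullOrEmpty(Roles))
    {
        // Roles is a comma-separated list of Consts.UserTypes names; the user's type must match
        // one entry exactly (ordinal, case-sensitive). Entries are trimmed so "Admin, Seller"
        // behaves like "Admin,Seller" instead of silently denying.
        string userType = ((Consts.UserTypes)user.UserType).ToString();
        bool allowed = false;
        foreach (string role in Roles.Split(','))
        {
            if (string.Equals(role.Trim(), userType, StringComparison.Ordinal))
            {
                allowed = true;
                break;
            }
        }

        if (!allowed)
        {
            NotAuthorized(filterContext);
        }
    }
}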