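/// <summary>
/// Authenticates the posted credentials and, on success, seeds the session with the
/// username and the user's store id.
/// </summary>
/// <param name="model">Posted login form. Username and password are untrusted input and are
/// handed unchanged to <c>_userService.Login</c>.</param>
/// <returns>
/// The login view when model validation fails; otherwise a JSON <c>Models.CustomJsonResult</c>
/// whose <c>Result</c> is the user id (greater than 0) on success, or 0 plus a message when the
/// credentials are rejected or the account is not active.
/// </returns>
public ActionResult Login(LoginModel model)
{
    var result = new Models.CustomJsonResult();
    if (!ModelState.IsValid)
    {
        // NOTE(review): this path answers with a view while every other path answers with JSON;
        // an AJAX caller that expects JSON cannot parse it. Kept as-is to preserve the contract.
        return View();
    }

    try
    {
        var userId = _userService.Login(model.LoginUsername, model.LoginPassword);
        if (userId > 0)
        {
            result.Result = userId;
            // NOTE(review): no session-id regeneration is visible on this success path; consider
            // issuing a fresh session id after authentication to resist session fixation.
            Session[Constant.SessionUsername] = model.LoginUsername;

            // A user with no store row used to raise a NullReferenceException here, which the catch
            // below turned into a response that still carried the successful user id plus an
            // internal error text. Only record the store id when a store actually exists.
            Lib.Business.Models.DBContext.UsTransport.tblStoreAccount storeOfUser =
                _storeService.SelectStoreByUserName(model.LoginUsername);
            if (storeOfUser != null)
            {
                Session[Constant.SessionStoreID] = storeOfUser.id;
            }
        }
        else
        {
            // 0 is the "not authenticated" sentinel the client checks.
            result.Result = 0;
            result.Message = "Tài khoản không đúng hoặc chưa được kích hoạt, vui lòng liên hệ với administrator!";
        }
    }
    catch (Exception ex)
    {
        // NOTE(review): the raw exception text (often data-access detail) is returned to the browser;
        // prefer logging ex server-side and returning a fixed, non-descriptive message.
        result.Message = ex.Message;
    }

    return Json(result, JsonRequestBehavior.AllowGet);
}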
/// <summary>
/// Returns the store account of the current session user, caching the lookup in session.
/// </summary>
/// <returns>
/// The cached <c>tblStoreAccount</c>; when the lookup found nothing, a new empty instance
/// (never null). A null lookup result is not treated as cached, so it is re-queried on the next call.
/// </returns>
public Lib.Business.Models.DBContext.UsTransport.tblStoreAccount GetStoreAccountInfo()
{
    object cached = Session[Constant.SessionStoreAccountInfo];
    if (cached == null)
    {
        // Nothing in session yet: resolve the store for the session user and remember it.
        cached = _storeService.SelectStoreByUserName(GetUserNameFromSession());
        Session[Constant.SessionStoreAccountInfo] = cached;
    }

    // Hard cast on purpose: a value of another type stored under this key is a programming error.
    var store = (Lib.Business.Models.DBContext.UsTransport.tblStoreAccount)Session[Constant.SessionStoreAccountInfo];
    return store ?? new Lib.Business.Models.DBContext.UsTransport.tblStoreAccount();
}
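/// <summary>
/// Gate for every non-child action. Routes on the allow-lists pass through; every other
/// route requires a session username, an active user record and either the Admin/Root role
/// or an active menu entry for the requested controller/action (default deny).
/// </summary>
/// <param name="filterContext">
/// MVC authorization context. Its <c>Result</c> becomes a redirect to <c>~/Home/Login</c> when
/// there is no session user or the user is missing/inactive, and a 403 when the user is not
/// allowed to reach the action.
/// </param>
/// <exception cref="HttpException">
/// Status 403, thrown after the 403 result is set, for an authenticated active user without
/// access (kept from the original behaviour: the throw, not the Result, ends the request).
/// </exception>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    if (filterContext.IsChildAction)
    {
        return;
    }

    // Route values are lower-cased with the current culture to stay consistent with the
    // ToLower() used inside the menu lookup; both sides must agree on the casing rule.
    string controller = filterContext.RouteData.Values["controller"].ToString().ToLower();
    string action = filterContext.RouteData.Values["action"].ToString().ToLower();

    if (IsAnonymousRoute(controller, action))
    {
        return;
    }

    var username = HttpContext.Current.Session[Constant.SessionUsername];
    if (username == null)
    {
        // No session user: drop any stale forms ticket, remember the requested URL, go to Login.
        FormsAuthentication.SignOut();
        HttpContext.Current.Session[Constant.SessionPreviousUrl] = filterContext.HttpContext.Request.Url;
        filterContext.Result = new RedirectResult("~/Home/Login");
        return;
    }

    // The session still exists: re-validate the user against the store on every request so a
    // deactivated or deleted account loses access immediately.
    var user = _userService.GetUserByUsername(username.ToString());
    if (user == null || !user.IsActive)
    {
        filterContext.Result = new RedirectResult("~/Home/Login");
        return;
    }

    bool isAllowAccess = false;
    bool isStore = false; // whether the logged-in account is a store
    bool isAdmin = false;
    bool isCskh = false;

    var lstRoleId = _userService.GetLstRoleIdByUserId(user.Id);
    // string.Join throws ArgumentNullException on a null sequence, so the null case must be
    // handled here rather than only in the check below.
    HttpContext.Current.Session[Constant.SessionUserRole] =
        lstRoleId != null ? string.Join(",", lstRoleId) : string.Empty;

    if (lstRoleId != null && lstRoleId.Any())
    {
        isAdmin = lstRoleId.Contains(RoleEnum.Admin);
        isStore = lstRoleId.Contains(RoleEnum.Store);
        isCskh = lstRoleId.Contains(RoleEnum.SupplierEmployee);

        if (isAdmin || lstRoleId.Contains(RoleEnum.Root))
        {
            // Admin and Root bypass the menu table; Root is also reported as admin.
            isAdmin = true;
            isAllowAccess = true;
        }
        else
        {
            var lstMenu = _menuService.GetLstMenuByLstRoleId(lstRoleId);
            isAllowAccess = HasActiveMenuEntry(lstMenu, controller, action);
        }
    }

    if (!isAllowAccess)
    {
        // Default deny: no roles, or no active menu entry for this route.
        filterContext.Result = new HttpStatusCodeResult(403);
        throw new HttpException(403, "Access Denied");
    }

    HttpContext.Current.Session[Constant.SessionUsername] = username;
    HttpContext.Current.Session[Constant.SessionUserID] = user.Id;
    if (isStore)
    {
        Lib.Business.Models.DBContext.UsTransport.tblStoreAccount storeOfUser =
            _storeServices.SelectStoreByUserName(username.ToString());
        if (storeOfUser != null)
        {
            HttpContext.Current.Session[Constant.SessionStoreID] = storeOfUser.id;
            HttpContext.Current.Session[Constant.SessionStoreName] = storeOfUser.StoreName;
        }
    }
    HttpContext.Current.Session[Constant.SessionIsAdmin] = isAdmin;
    HttpContext.Current.Session[Constant.SessionIsCSKH] = isCskh;
}

/// <summary>
/// True when the route needs no authorization: an unchecked action on the "home" controller,
/// or any action on a controller in the unchecked-controller list.
/// </summary>
/// <param name="controller">Lower-cased controller route value.</param>
/// <param name="action">Lower-cased action route value.</param>
private bool IsAnonymousRoute(string controller, string action)
{
    return (controller.Equals("home") && _lstActionNoneCheck.Contains(action))
        || _lstControllerNoneCheck.Contains(controller);
}

/// <summary>
/// Reports whether one of the user's menu entries is active and matches the route. For the
/// "index" action only the controller has to match; otherwise controller and action both must.
/// </summary>
/// <param name="lstMenu">Menu entries granted to the user's roles; null or empty yields false.</param>
/// <param name="controller">Lower-cased controller route value.</param>
/// <param name="action">Lower-cased action route value.</param>
/// <returns>True when a matching, active menu entry exists.</returns>
private static bool HasActiveMenuEntry(
    System.Collections.Generic.IEnumerable<Lib.Business.Models.DBContext.UsTransport.tblMenu> lstMenu,
    string controller,
    string action)
{
    if (lstMenu == null)
    {
        return false;
    }

    // The predicates are kept in the original ToLower()/Equals form in case the sequence is a
    // query provider that translates them.
    Lib.Business.Models.DBContext.UsTransport.tblMenu menu;
    if (action == "index")
    {
        menu = lstMenu.FirstOrDefault(x => (!string.IsNullOrEmpty(x.Controller) && x.Controller.ToLower().Equals(controller)));
    }
    else
    {
        menu = lstMenu.FirstOrDefault(x => (!string.IsNullOrEmpty(x.Controller) && !string.IsNullOrEmpty(x.Action) &&
            x.Controller.ToLower().Equals(controller) && x.Action.ToLower().Equals(action)));
    }

    return menu != null && menu.IsActive;
}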