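/// <summary>
/// Rebuilds the request principal from the forms-authentication cookie so that
/// <c>HttpContext.Current.User</c> carries a <c>CustomIdentity</c> for the rest of the request.
/// </summary>
/// <param name="sender">Unused.</param>
/// <param name="e">Unused.</param>
/// <remarks>
/// The cookie is client-supplied and is only trusted once
/// <see cref="FormsAuthentication.Decrypt(string)"/> has validated it. A ticket that does not
/// validate (null result) or that has <see cref="FormsAuthenticationTicket.Expired"/> set leaves
/// the request anonymous; the original code restored a principal from an expired ticket.
/// Decrypt throws <see cref="HttpException"/> on a malformed value; that is left to propagate.
/// Role lookup is not wired up yet, so the principal is created with no roles.
/// </remarks>
public void MvcApplication_PostAuthenticateRequest(object sender, EventArgs e)
{
    var authCookie = HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName];
    if (authCookie == null)
    {
        return;
    }

    string encTicket = authCookie.Value;
    // Decrypt rejects an empty string with ArgumentException, so skip it up front.
    if (string.IsNullOrEmpty(encTicket))
    {
        return;
    }

    var ticket = FormsAuthentication.Decrypt(encTicket);
    // Null means the ticket did not pass validation; Expired means its lifetime ran out.
    // Neither may restore a session.
    if (ticket == null || ticket.Expired)
    {
        return;
    }

    var id = new CustomIdentity(ticket);
    //var userRoles = Roles.GetRolesForUser(id.Name); //get role
    var userRoles = new string[] { };
    HttpContext.Current.User = new GenericPrincipal(id, userRoles);
}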
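/// <summary>
/// Authorization filter: lets the action run only when the forms-authentication ticket is valid,
/// the resulting <c>CustomIdentity</c> holds <c>Role</c>, and - if the controller set
/// <c>ViewBag.UserName</c> - that name matches the authenticated user (case-insensitive).
/// </summary>
/// <param name="filterContext">Context of the action about to run. On any failed check its
/// <c>Result</c> is set to a redirect to the <c>Error/AccessDenied</c> route, which short-circuits
/// the action.</param>
/// <remarks>
/// The cookie is client-supplied and is only trusted after
/// <see cref="FormsAuthentication.Decrypt(string)"/> accepts it. A missing cookie, an empty value,
/// a ticket that does not validate (null) or an expired ticket is denied. The original code
/// performed no check at all when the cookie was absent and compared the ticket against nothing
/// when Decrypt returned null. Decrypt throws <see cref="HttpException"/> on a malformed value;
/// that is left to propagate.
/// </remarks>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    HttpCookie cookie = HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName];
    FormsAuthenticationTicket ticket = null;
    // Decrypt rejects an empty string with ArgumentException, so only call it with a value.
    if (cookie != null && !string.IsNullOrEmpty(cookie.Value))
    {
        ticket = FormsAuthentication.Decrypt(cookie.Value);
    }

    // NOTE(review): an absent cookie used to fall through with no check; confirm no route relied on that.
    if (ticket == null || ticket.Expired)
    {
        filterContext.Result = DenyAccess(null);
        return;
    }

    var identity = new CustomIdentity(ticket);
    if (!identity.IsInRole(Role))
    {
        filterContext.Result = DenyAccess(identity.Name);
        return;
    }

    // Optional second gate: a controller may pin the page to a specific user via ViewBag.UserName.
    string viewBagUsername = filterContext.Controller.ViewBag.UserName;
    if (!string.IsNullOrEmpty(viewBagUsername)
        && !string.Equals(viewBagUsername, identity.Name, StringComparison.OrdinalIgnoreCase))
    {
        filterContext.Result = DenyAccess(identity.Name);
    }
}

/// <summary>
/// Builds the redirect to the <c>Error/AccessDenied</c> route used for every failed check.
/// </summary>
/// <param name="name">Name of the authenticated user, or null when the request is anonymous.</param>
/// <returns>The redirect result to assign to <c>filterContext.Result</c>.</returns>
private static RedirectToRouteResult DenyAccess(string name)
{
    return new RedirectToRouteResult(new RouteValueDictionary(new
    {
        controller = "Error",
        name = name,
        action = "AccessDenied"
    }));
}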