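/// <summary>
/// Handles the Forms authentication event: reads the forms-auth cookie, looks the
/// account up by the name stored in the ticket, and sets a principal on the event
/// args that carries the account's roles.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event args; <c>e.User</c> is assigned only when a usable ticket and a matching account are found.</param>
protected void FormsAuthentication_OnAuthenticate(Object sender, FormsAuthenticationEventArgs e)
{
    if (!FormsAuthentication.CookiesSupported)
    {
        return;
    }

    var authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
    if (authCookie == null || string.IsNullOrEmpty(authCookie.Value))
    {
        return;
    }

    try
    {
        var ticket = FormsAuthentication.Decrypt(authCookie.Value);

        // Decrypt() does not reject an expired ticket by itself. Because this handler
        // assigns e.User, the expiry has to be checked here; otherwise an old cookie
        // would keep producing an authenticated principal.
        if (ticket == null || ticket.Expired)
        {
            return;
        }

        string acc_name = ticket.Name;
        string roles;

        using (projectShopEntities entities = new projectShopEntities())
        {
            Account account = entities.Accounts.SingleOrDefault(u => u.acc_name == acc_name);
            if (account == null)
            {
                // The ticket names an account that no longer exists: attach no roles.
                // NOTE(review): with e.User left unset the Forms module presumably still
                // runs its own cookie processing, so a deleted account may stay signed in
                // (without roles) until the ticket expires - confirm, and sign the user
                // out explicitly if that matters.
                return;
            }

            roles = account.Roles ?? string.Empty;
        }

        // Roles are stored as one ';'-separated string. Empty entries are dropped so an
        // account with no roles does not end up holding a role named "".
        e.User = new System.Security.Principal.GenericPrincipal(
            new System.Security.Principal.GenericIdentity(acc_name, "Forms"),
            roles.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries));
    }
    catch (Exception ex)
    {
        // Best effort by design: a tampered or undecryptable cookie, or a failed lookup,
        // must not break the request. No principal is set by this handler in that case.
        // Only the exception type is traced; the cookie value is never written out.
        System.Diagnostics.Trace.TraceWarning(
            "FormsAuthentication_OnAuthenticate: could not build principal from auth cookie ({0})",
            ex.GetType().Name);
    }
}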
/// <summary>
/// Lists the products that belong to one category.
/// </summary>
/// <param name="Id">Category id from the URL; matched against <c>product_category</c>.</param>
/// <returns>The view, with the matching products as its model.</returns>
public ActionResult Produkt(int Id)
{
    // NOTE(review): this context is never disposed here, unlike the other actions in
    // this listing, which wrap it in a using block. Before adding one, confirm the view
    // does not rely on lazy-loaded navigation properties of Product.
    var shopDb = new projectShopEntities();

    // Fetch the products whose category matches the id from the URL.
    var categoryQuery = from item in shopDb.Products
                        where item.product_category == Id
                        select item;

    // Materialise the query before handing the result to the view.
    List<Product> matches = categoryQuery.ToList();
    return View(matches);
}
/// <summary>
/// Validates the submitted credentials against the Accounts table and, on success,
/// issues the forms-auth cookie and redirects.
/// </summary>
/// <param name="model">Posted account data; only <c>acc_name</c> and <c>acc_pass</c> are read.</param>
/// <param name="returnUrl">Requested post-login target; followed only when it passes the local-URL checks below.</param>
/// <returns>A redirect on success, otherwise the login view with the model and any model errors.</returns>
public ActionResult Login(Account model, string returnUrl)
{
    // Nothing to check when binding or validation already failed.
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    using (var shopDb = new projectShopEntities())
    {
        string acc_name = model.acc_name;
        string acc_pass = model.acc_pass;

        // NOTE(review): the submitted password is compared directly with the stored
        // column, so acc_pass appears to be kept in a directly comparable (presumably
        // plaintext) form - confirm, and move to salted password hashing (e.g. PBKDF2)
        // verified in code with a fixed-time comparison.
        bool credentialsMatch = shopDb.Accounts.Any(
            candidate => candidate.acc_name == acc_name && candidate.acc_pass == acc_pass);

        if (!credentialsMatch)
        {
            // One message for both "unknown user" and "wrong password", so the
            // response does not reveal which account names exist.
            ModelState.AddModelError("", "The user name or password provided is incorrect.");
            return View(model);
        }

        // Session-only (non-persistent) authentication cookie.
        FormsAuthentication.SetAuthCookie(acc_name, false);

        // Open-redirect guard: only follow a returnUrl that is local to this site and
        // is a rooted path, not a protocol-relative ("//host") or "/\host" form.
        bool localTarget = Url.IsLocalUrl(returnUrl)
            && returnUrl.Length > 1
            && returnUrl.StartsWith("/")
            && !returnUrl.StartsWith("//")
            && !returnUrl.StartsWith("/\\");

        if (localTarget)
        {
            return Redirect(returnUrl);
        }

        return RedirectToAction("Start", "Admin");
    }
}