Exemplo n.º 1
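 /// <summary>
 /// Lets the request through only when the caller is authenticated and its user type equals
 /// one of the comma-separated entries in <c>UserTypes</c>. Unauthenticated callers are sent
 /// to Account/Login; authenticated callers that do not match are sent to ~/Error/Index.
 /// </summary>
 /// <param name="filterContext">Authorization context of the current request.</param>
 /// <remarks>
 /// NOTE(review): the base class is not visible in this listing. If it is AuthorizeAttribute,
 /// this override never calls the base implementation, so its output-cache validation is
 /// skipped; confirm that cached actions cannot be served to callers this filter would reject.
 /// </remarks>
 public override void OnAuthorization(AuthorizationContext filterContext)
 {
     if (!filterContext.HttpContext.Request.IsAuthenticated)
     {
         // ReturnUrl carries the raw URL of this request. NOTE(review): the Login action is not
         // shown here; it should accept only local URLs before redirecting back to this value.
         filterContext.Result = new RedirectToRouteResult(
             new RouteValueDictionary {
             { "controller", "Account" },
             { "action", "Login" },
             { "ReturnUrl", filterContext.HttpContext.Request.RawUrl }
         });
         return;
     }

     // Fail closed: an identity that is not an AuthoringUser is treated as unauthorized instead
     // of letting a hard cast throw InvalidCastException and surface as an unhandled error.
     AuthoringUser userInfo   = filterContext.HttpContext.User.Identity as AuthoringUser;
     string        callerType = userInfo == null ? null : userInfo.UserType;
     bool          authorized = false;

     // A caller without a user type can never match. Without this guard, an empty entry in
     // UserTypes ("", "Admin," or "A,,B") would equal an empty UserType and grant access.
     if (!string.IsNullOrEmpty(callerType))
     {
         foreach (var configured in (this.UserTypes ?? string.Empty).Split(','))
         {
             // Whitespace around an entry ("Admin, Editor") is configuration noise, not part of
             // the type name; blank entries are skipped rather than compared.
             string allowed = configured.Trim();
             if (allowed.Length == 0)
             {
                 continue;
             }

             if (allowed == callerType)
             {
                 authorized = true;
                 break;
             }
         }
     }

     if (!authorized)
     {
         filterContext.Result = new RedirectResult("~/Error/Index");
     }
 }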
Exemplo n.º 2
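        /// <summary>
        /// Rebuilds the request principal from the forms-authentication cookie. When the cookie
        /// passes <c>IsValidAuthCookie</c> and its ticket is present and unexpired, the ticket is
        /// wrapped in an <c>AuthoringUser</c> and that user's <c>UserType</c> becomes the single
        /// role of the <c>GenericPrincipal</c> assigned to <c>Context.User</c>.
        /// </summary>
        /// <param name="Sender">Event source; not used.</param>
        /// <param name="e">Event data; not used.</param>
        private void Application_AuthenticateRequest(object Sender, EventArgs e)
        {
            HttpCookie authCookie = this.Context.Request.Cookies[FormsAuthentication.FormsCookieName];

            // NOTE(review): IsValidAuthCookie is not visible in this listing. It is assumed to
            // reject a missing cookie; confirm it also rejects values that fail decryption,
            // because the Decrypt call below is not guarded.
            if (!IsValidAuthCookie(authCookie))
            {
                return;
            }

            // Only the disabled SetAuthCookie call at the end of this method uses this service.
            var formsAuthentication = DependencyResolver.Current.GetService <FormsAuthenticationFactory>();
            var ticket = FormsAuthentication.Decrypt(authCookie.Value);

            // Fail closed: Decrypt does not enforce the ticket lifetime, so a missing or expired
            // ticket must not produce an authenticated principal.
            if (ticket == null || ticket.Expired)
            {
                return;
            }

            // NOTE(review): RenewTicketIfOld returns the renewed ticket and that return value is
            // discarded here, so sliding expiration is never written back to the cookie while
            // the SetAuthCookie call below stays disabled.
            FormsAuthentication.RenewTicketIfOld(ticket);

            var      authUser  = new AuthoringUser(ticket);
            string[] userRoles = { authUser.UserType };
            this.Context.User = new GenericPrincipal(authUser, userRoles);
            //formsAuthentication.SetAuthCookie(this.Context, ticket);
        }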