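/// <summary>
/// OWIN startup entry point: registers the per-request user manager, the
/// application cookie, the external sign-in cookie and Google OAuth2 sign-in.
/// </summary>
/// <param name="app">OWIN application builder supplied by the host.</param>
/// <exception cref="System.InvalidOperationException">
/// Thrown when the "googleSection" or "adminSection" configuration section is
/// missing or incomplete, so a misconfigured deployment fails at startup
/// instead of at the first sign-in or authorization check.
/// </exception>
public void Configuration(IAppBuilder app)
{
    // Register UserManager for OWIN (one instance per OWIN context).
    app.CreatePerOwinContext<IdentityUserManager>(IdentityUserManager.Create);

    // Use cookies for authentication and authorization.
    // LoginPath - path an unauthenticated user is redirected to.
    // NOTE(review): CookieSecure is left at its default here; consider
    // CookieSecureOption.Always if the site is served over HTTPS only.
    app.UseCookieAuthentication(new Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions
    {
        AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
        LoginPath = new PathString("/Account/Login")
    });

    // Load the Google application settings and fail with a clear message when
    // they are absent, rather than with a NullReferenceException further down.
    GoogleSection section = (GoogleSection)WebConfigurationManager.GetSection("googleSection");
    if (section == null || section.GoogleElement == null)
    {
        throw new System.InvalidOperationException(
            "Configuration section 'googleSection' is missing or incomplete.");
    }

    GoogleElement elem = section.GoogleElement;

    // The admin list is not used during startup, but it is validated here so
    // that a missing section is noticed at deployment time. (This replaces a
    // loop that only read each entry into an unused local.)
    AdminSection adminSection = (AdminSection)WebConfigurationManager.GetSection("adminSection");
    if (adminSection == null || adminSection.AdminEmails == null)
    {
        throw new System.InvalidOperationException(
            "Configuration section 'adminSection' is missing or incomplete.");
    }

    // Use external cookies to hold the identity returned by the external provider.
    app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

    // Google authentication. ClientSecret comes from configuration; keep that
    // section out of source control (or encrypt it) since it is a credential.
    app.UseGoogleAuthentication(new GoogleOAuth2AuthenticationOptions()
    {
        ClientId = elem.ClientId,
        ClientSecret = elem.ClientSecret,
        CallbackPath = new PathString("/Account/LoginCallback/")
    });
}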
/// <summary>
/// Builds the list of actions offered to the current identity: "Templates"
/// for everyone, the pizza constructor and order history for authenticated
/// users, and the admin panel entry when the user id matches one of the
/// e-mails configured in "adminSection".
/// </summary>
/// <returns>The actions available to the current identity.</returns>
/// <remarks>
/// NOTE(review): this only decides which entries are listed; it is not an
/// access check. The target actions presumably enforce authorization
/// themselves - confirm that the admin controller does.
/// </remarks>
public IEnumerable<AllowedAction> GetAllowedActions()
{
    var actions = new List<AllowedAction>
    {
        new AllowedAction("Templates", "Templates", "Home")
    };

    // Anonymous visitors only get the public entry.
    if (!this._identity.IsAuthenticated)
    {
        return actions;
    }

    actions.Add(new AllowedAction("Create your pizza", "PizzaConstructor", "Home"));
    actions.Add(new AllowedAction("Your pizzas", "OrdersHistory", "Home"));

    string currentUserId = this._identity.GetUserId();
    var adminConfig = (AdminSection)WebConfigurationManager.GetSection("adminSection");
    AdminsCollection admins = adminConfig.AdminEmails;

    // The user id is compared against the configured admin e-mails with an
    // exact, case-sensitive match; scanning stops at the first hit.
    bool isAdmin = false;
    int index = 0;
    while (!isAdmin && index < admins.Count)
    {
        isAdmin = admins[index].Email == currentUserId;
        index++;
    }

    if (isAdmin)
    {
        actions.Add(new AllowedAction("Admin panel", "Index", "AdminPage"));
    }

    return actions;
}
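/// <summary>
/// Grants access only when the current user's id exactly matches one of the
/// e-mails listed in the "adminSection" configuration section.
/// </summary>
/// <param name="httpContext">The HTTP context of the request being authorized.</param>
/// <returns><c>true</c> for a configured administrator; otherwise <c>false</c>.</returns>
/// <remarks>
/// The base implementation is not called, so any Users/Roles restrictions the
/// base attribute would apply are not evaluated here. A Request.IsLocal
/// shortcut is deliberately not used: behind a reverse proxy on the same host
/// every request can look local, which would open the admin area to everyone.
/// </remarks>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    // Fail closed when there is no usable identity on the request.
    if (httpContext == null || httpContext.User == null || httpContext.User.Identity == null)
    {
        return false;
    }

    var identity = httpContext.User.Identity;
    if (!identity.IsAuthenticated)
    {
        return false;
    }

    // Resolve the id once instead of on every loop iteration, and refuse an
    // empty id so a blank entry in the admin list can never match it.
    string userId = identity.GetUserId();
    if (string.IsNullOrEmpty(userId))
    {
        return false;
    }

    // A missing admin list means nobody is an administrator.
    AdminSection adminSection = (AdminSection)WebConfigurationManager.GetSection("adminSection");
    if (adminSection == null || adminSection.AdminEmails == null)
    {
        return false;
    }

    AdminsCollection adminsCollection = adminSection.AdminEmails;
    for (int i = 0; i < adminsCollection.Count; i++)
    {
        // Exact, case-sensitive comparison, as before.
        if (userId == adminsCollection[i].Email)
        {
            return true;
        }
    }

    return false;
}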