Пример #1
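        /// <summary>
        /// Authorization filter step: lets the action run only for a logged-in administrator
        /// whose session credentials still match an administrator row in the database.
        /// </summary>
        /// <param name="filterContext">
        /// Context of the action about to execute. Its <c>Result</c> is set to a redirect to
        /// Account/Login when the caller is not a logged-in admin, or to HTTP 403 when the
        /// session credentials no longer match an admin row in the database.
        /// </param>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            int   adminCategoryId = (int)categories.admin;
            users user            = LoginHelper.CurrentUser();

            // Guard against a null session user as well: IsLoggedIn() returning true does not,
            // from what is visible here, guarantee that CurrentUser() is non-null.
            if (!LoginHelper.IsLoggedIn() || user == null || user.categoriesId != adminCategoryId)
            {
                filterContext.Result = new RedirectToRouteResult(
                    new RouteValueDictionary {
                    { "Controller", "Account" }, { "Action", "Login" }
                });
            }
            else
            {
                // NOTE(review): the session object carries a password value that is hashed on every
                // request, and no per-user salt is passed to the hash helper. If this is a plain
                // SHA-512 digest, stored passwords are exposed to offline guessing after a database
                // leak; a salted, slow KDF (PBKDF2/Argon2) and a session that holds only a user id
                // would be the safer design. Confirm against SHA.GenerateSHA512String and LoginHelper.
                var userPassword = SHA.GenerateSHA512String(user.password);
                var userEmail    = user.email;

                bool isStillAdmin;

                // The context is created only on the path that needs it and is disposed
                // deterministically, so each filtered request does not leave one open.
                using (var db = new HowToDbEntities())
                {
                    // Re-check the role against the database row, not only the session copy:
                    // a user demoted after login must lose admin access on the next request.
                    isStillAdmin = db.users.Any(e => e.password == userPassword
                                                  && e.email == userEmail
                                                  && e.categoriesId == adminCategoryId);
                }

                if (!isStillAdmin)
                {
                    filterContext.Result = new HttpStatusCodeResult(HttpStatusCode.Forbidden);
                }
            }
            base.OnActionExecuting(filterContext);
        }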