/// <summary>
/// Authenticates an administrator, issues the authorisation cookie carrying the user's details and
/// module permissions, and returns the login outcome as JSON.
/// </summary>
/// <param name="model">The credentials bound from the request (its <c>UserName</c> becomes the cookie's identity name).</param>
/// <returns>
/// The result object returned by <c>_userManager.AdminLogin</c>: on success its <c>Object</c> is replaced by a
/// trimmed <c>UserModel</c>; on any other status it is rewritten to <c>Error</c> with the message "Invalid Credentials.".
/// </returns>
public JsonResult Login(LoginModal model)
{
    // NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attribute is visible in this span and the
    // response is sent with AllowGet — confirm the action is restricted to POST and CSRF-protected.
    var loginResult = _userManager.AdminLogin(model);

    if (loginResult.Status != ActionStatus.Successfull)
    {
        // Every non-success outcome is collapsed into one generic message so the caller learns nothing
        // about why the attempt failed.
        loginResult.Status = ActionStatus.Error;
        loginResult.Message = "Invalid Credentials.";
        return Json(loginResult, JsonRequestBehavior.AllowGet);
    }

    // Expose only the fields the client needs. IsApproved is forced to true here regardless of what the
    // store returned — NOTE(review): confirm that is intended; IsSuperAdmin is not propagated to the client payload.
    var user = new UserModel
    {
        FirstName = loginResult.Object.FirstName,
        LastName = loginResult.Object.LastName,
        Email = loginResult.Object.Email,
        UserID = loginResult.Object.UserID,
        IsApproved = true,
    };
    loginResult.Object = user;

    // The cookie payload carries the user details together with the modules the user may access,
    // so OnAuthorization can rebuild the session on later requests without another lookup.
    var sessionPayload = new PermissonAndDetailModel
    {
        UserDetails = user,
        ModulesModelList = _userManager.GetAllModulesAtAuthentication(user.UserID),
    };
    CreateCustomAuthorisationCookie(model.UserName, true, new JavaScriptSerializer().Serialize(sessionPayload));

    return Json(loginResult, JsonRequestBehavior.AllowGet);
}
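/// <summary>
/// Runs before every action on this controller: restores the signed-in user from the authorisation
/// cookie when one is present, and blocks anonymous access to any action that is not marked with
/// the <c>[Public]</c> attribute.
/// </summary>
/// <param name="filter_context">
/// The MVC authorization context for the current request; its <c>Result</c> is assigned whenever the
/// request must be redirected or denied instead of reaching the action.
/// </param>
protected override void OnAuthorization(AuthorizationContext filter_context)
{
    HttpCookie auth_cookie = Request.Cookies[Cookies.AuthorizationCookie];

    #region If auth cookie is present
    if (auth_cookie != null)
    {
        // Rebuild the session user from the forms-auth ticket carried in the cookie.
        // NOTE(review): if LOGGEDIN_USER is a static member it is shared by every request on the server
        // and one user's permissions would leak to others — confirm it is per controller instance.
        if (LOGGEDIN_USER == null)
        {
            try
            {
                FormsAuthenticationTicket auth_ticket = FormsAuthentication.Decrypt(auth_cookie.Value);

                // Decrypt() only verifies that the ticket decrypts and validates; it does not reject an
                // expired ticket, so a missing or expired ticket is handled like a tampered one below.
                if (auth_ticket == null || auth_ticket.Expired)
                {
                    throw new InvalidOperationException("Authorization ticket is missing or expired.");
                }

                LOGGEDIN_USER = new JavaScriptSerializer().Deserialize<PermissonAndDetailModel>(auth_ticket.UserData);
                System.Web.HttpContext.Current.User = new System.Security.Principal.GenericPrincipal(new FormsIdentity(auth_ticket), null);
            }
            catch (Exception exc)
            {
                // Unusable cookie: expire it on the client, record the failure and send the user back to sign-in.
                auth_cookie.Expires = DateTime.Now.AddDays(-30);
                Response.Cookies.Add(auth_cookie);
                filter_context.Result = RedirectToAction("index", "home");
                LogExceptionToDatabase(exc);
            }
        }

        // Only a successfully restored user counts as signed in. After a failed restore LOGGEDIN_USER is
        // still null: dereferencing it here threw a NullReferenceException, and the dashboard redirect
        // below would have overwritten the sign-in redirect set in the catch block.
        if (LOGGEDIN_USER != null)
        {
            // A signed-in user has no use for the sign-in / sign-up pages.
            string actionName = filter_context.ActionDescriptor.ActionName;
            string controllerName = filter_context.ActionDescriptor.ControllerDescriptor.ControllerName;
            if ((actionName == "Index" || actionName == "SignUp") && controllerName == "Home")
            {
                filter_context.Result = RedirectToAction("dashboard", "home");
            }
            ViewBag.LOGGEDIN_USER = LOGGEDIN_USER.UserDetails;
        }
    }
    #endregion
    #region if authorization cookie is not present and the action method being called is not marked with the [Public] attribute
    else if (!filter_context.ActionDescriptor.GetCustomAttributes(typeof(Public), false).Any())
    {
        if (!Request.IsAjaxRequest())
        {
            // Full page request: go to sign-in and return to the requested URL afterwards.
            // NOTE(review): wherever returnUrl is consumed, confirm it is checked with Url.IsLocalUrl before redirecting.
            filter_context.Result = RedirectToAction("index", "home", new { returnUrl = Server.UrlEncode(Request.RawUrl) });
        }
        else
        {
            // AJAX callers get a JSON error instead of an HTML redirect they cannot follow.
            filter_context.Result = Json(new ActionOutput { Status = ActionStatus.Error, Message = "Authentication Error" }, JsonRequestBehavior.AllowGet);
        }
    }
    #endregion
    // No cookie and the action is [Public]: anonymous access is allowed and there is nothing to set up.

    SetActionName(filter_context.ActionDescriptor.ActionName, filter_context.ActionDescriptor.ControllerDescriptor.ControllerName);
}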