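/// <summary>
/// Authorization hook: redirects unauthenticated requests to the login page, fills in
/// <c>Roles</c> from the signed-in account's database record when none were configured,
/// and redirects to the login page when an unauthorized result is already present.
/// </summary>
/// <param name="filterContext">Context of the request being authorized.</param>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    // NOTE(review): base.OnAuthorization(filterContext) is never called (the original only had a
    // commented-out attempt). Assuming this class derives from AuthorizeAttribute, that base call is
    // what evaluates Roles/Users and produces HttpUnauthorizedResult. Without it, the
    // "Unauthorized" branch below only fires if something else set that result, so role
    // restrictions are presumably not enforced here. Confirm the intended design before relying
    // on this filter for access control.
    var httpContext = filterContext.HttpContext;

    // Request.IsAuthenticated is null-safe with respect to User/Identity, so it is used for the
    // unauthenticated guard instead of dereferencing User.Identity directly.
    if (!httpContext.Request.IsAuthenticated)
    {
        // Indexer instead of Add: Add throws when "RedirectReason" is still present from an
        // earlier redirect that has not been read yet.
        filterContext.Controller.TempData["RedirectReason"] = "Unlogin";
        filterContext.Result = new RedirectResult("~/Account/Login");
        return;
    }

    // Only hit the database when no roles were configured; the lookup result was unused otherwise.
    if (string.IsNullOrEmpty(Roles))
    {
        var email = httpContext.User.Identity.Name;
        using (var db = new QLKSEntities2())
        {
            // NOTE(review): this writes the current user's own roles into the attribute's Roles
            // property. MVC may cache and reuse filter attribute instances across requests, so this
            // value can leak from one user's request into another's; it also means a user is
            // compared against their own role list. Verify this is intended.
            Roles = (from u in db.TaiKhoan
                     where u.Email == email
                     select u.Roles).SingleOrDefault();
        }
    }

    if (filterContext.Result is HttpUnauthorizedResult)
    {
        filterContext.Controller.TempData["RedirectReason"] = "Unauthorized";
        filterContext.Result = new RedirectResult("~/Account/Login");
        return;
    }
}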
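//
// GET: /Manage/Index
/// <summary>
/// Shows the account management page for the signed-in user, with an optional status message
/// describing the outcome of a previous management action.
/// </summary>
/// <param name="message">Outcome of the previous action, or null when there is none.</param>
/// <returns>The view populated with an <c>IndexViewModel</c> for the current user.</returns>
public async Task<ActionResult> Index(ManageMessageId? message)
{
    // The original created a QLKSEntities2 context here that was never used or disposed;
    // it has been removed to avoid leaking it on every request.
    ViewBag.StatusMessage =
        message == ManageMessageId.ChangePasswordSuccess ? "Your password has been changed."
        : message == ManageMessageId.SetPasswordSuccess ? "Your password has been set."
        : message == ManageMessageId.SetTwoFactorSuccess ? "Your two-factor authentication provider has been set."
        : message == ManageMessageId.Error ? "An error has occurred."
        : message == ManageMessageId.AddPhoneSuccess ? "Your phone number was added."
        : message == ManageMessageId.RemovePhoneSuccess ? "Your phone number was removed."
        : "";

    var userId = User.Identity.GetUserId();
    var model = new IndexViewModel
    {
        HasPassword = HasPassword(),
        PhoneNumber = await UserManager.GetPhoneNumberAsync(userId),
        TwoFactor = await UserManager.GetTwoFactorEnabledAsync(userId),
        Logins = await UserManager.GetLoginsAsync(userId),
        BrowserRemembered = await AuthenticationManager.TwoFactorBrowserRememberedAsync(userId)
    };

    return View(model);
}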
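/// <summary>
/// Reports whether the signed-in user is treated as having a password.
/// </summary>
/// <returns>
/// <c>true</c> when the current user is found and has a non-null <c>Email</c>; otherwise <c>false</c>.
/// </returns>
private bool HasPassword()
{
    // The original created a QLKSEntities2 context here that was never used or disposed;
    // it has been removed to avoid leaking it on every call.
    var user = UserManager.FindById(User.Identity.GetUserId());

    // NOTE(review): this tests Email, not a password field. If the user type carries a password
    // hash (as ASP.NET Identity user types usually do), an account created through an external
    // login would be reported as having a password. Confirm against the user model and switch
    // the check to the password hash if so.
    return user != null && user.Email != null;
}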