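/// <summary>
/// Rebuilds the request principal from the forms-authentication cookie. The cookie's
/// encrypted ticket carries a JSON-serialised <c>CustomPrincipalSerializeModel</c>
/// (user id, display name, role names) in <c>UserData</c>, which is used to populate a
/// <c>CustomPrincipal</c> and install it as <c>HttpContext.Current.User</c>.
/// </summary>
/// <param name="sender">The application object raising the event (unused).</param>
/// <param name="e">Event arguments (unused).</param>
/// <remarks>
/// Only a ticket that decrypts, passes the MAC check, is not expired and carries
/// usable UserData produces a principal; anything else is treated as anonymous and
/// the cookie is cleared. The original code trusted the ticket unconditionally and
/// would fail the whole request with a 500 on a tampered or malformed cookie.
/// </remarks>
protected void Application_PostAuthenticateRequest(Object sender, EventArgs e)
{
    HttpCookie authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
    if (authCookie == null || string.IsNullOrEmpty(authCookie.Value))
    {
        return;
    }

    FormsAuthenticationTicket authTicket;
    try
    {
        // Decrypt also validates the ticket's MAC. Depending on the framework
        // version a bad ticket either throws or comes back null; both are handled.
        authTicket = FormsAuthentication.Decrypt(authCookie.Value);
    }
    catch (ArgumentException)
    {
        authTicket = null;
    }
    catch (HttpException)
    {
        authTicket = null;
    }

    // The FormsAuthenticationModule already ignores expired tickets, but this handler
    // overrides its result, so the expiry must be re-checked here.
    if (authTicket == null || authTicket.Expired)
    {
        FormsAuthentication.SignOut(); // clear the useless cookie so the client stops sending it
        return;
    }

    Model.CustomPrincipalSerializeModel serializeModel = null;
    if (!string.IsNullOrEmpty(authTicket.UserData))
    {
        try
        {
            serializeModel = JsonConvert.DeserializeObject<Model.CustomPrincipalSerializeModel>(authTicket.UserData);
        }
        catch (JsonException)
        {
            // UserData is inside the MAC-protected ticket, so this only happens when
            // the serialised shape changed between releases; treat as not logged in.
            serializeModel = null;
        }
    }
    if (serializeModel == null)
    {
        FormsAuthentication.SignOut();
        return;
    }

    Model.CustomPrincipal newUser = new Model.CustomPrincipal(authTicket.Name);
    newUser.UserId = serializeModel.UserId;
    newUser.Name = serializeModel.Name;
    newUser.Roles = serializeModel.Roles;
    HttpContext.Current.User = newUser;
}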
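/// <summary>
/// Handles the login form post: validates the credentials, issues the forms-authentication
/// ticket (user id, display name and role names travel JSON-encoded in the encrypted
/// <c>UserData</c>) and redirects the user to their landing page.
/// </summary>
/// <param name="model">Posted e-mail, password and "remember me" flag.</param>
/// <param name="returnUrl">Optional post-login destination; honoured only when it is a local URL.</param>
/// <returns>The login view again on validation/credential failure, otherwise a redirect.</returns>
/// <remarks>
/// NOTE(review): this action should be decorated with <c>[HttpPost]</c> and
/// <c>[ValidateAntiForgeryToken]</c>; the attributes are not visible in this listing, confirm
/// they are present on the declaration.
/// </remarks>
public ActionResult Login(LoginViewModel model, string returnUrl)
{
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    var user = _membershipService.ValidateMemeber(model.Email, model.Password);
    if (user == null)
    {
        // Deliberately generic message so the response does not reveal whether the
        // e-mail address is registered.
        ModelState.AddModelError("", "Email hoặc mật khẩu không chính xác");
        return View(model);
    }

    // Resolve the user's role ids to role names so they can be carried in the ticket.
    var userRoleIds = user.UserRoles.Select(r => r.RoleId).ToList();
    string[] roles;
    using (var db = new UnitOfWork())
    {
        var roleRepo = db.GetRepository<Role>();
        roles = roleRepo.GetMany(r => userRoleIds.Contains(r.Id)).Select(r => r.Name).ToArray();
    }

    var serializeModel = new Model.CustomPrincipalSerializeModel();
    serializeModel.UserId = user.Id;
    serializeModel.Name = user.Name;
    serializeModel.Roles = roles;
    string userData = JsonConvert.SerializeObject(serializeModel);

    // A 30-day ticket only when the user asked to be remembered. Otherwise use the
    // configured forms-auth timeout (FormsAuthentication.Timeout, .NET 4.5+) so an
    // unattended browser does not stay authenticated for a month.
    DateTime issued = DateTime.Now;
    DateTime expires = model.RememberMe ? issued.AddDays(30) : issued.Add(FormsAuthentication.Timeout);
    var authTicket = new FormsAuthenticationTicket(1, user.Email, issued, expires, model.RememberMe, userData);
    string encTicket = FormsAuthentication.Encrypt(authTicket);

    // Hand-built cookie: set the flags that FormsAuthentication.GetAuthCookie would set
    // for us. HttpOnly keeps the ticket away from script (XSS); Secure follows the
    // requireSSL setting of <forms> in web.config.
    var faCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket);
    faCookie.HttpOnly = true;
    faCookie.Secure = FormsAuthentication.RequireSSL;
    faCookie.Path = FormsAuthentication.FormsCookiePath;
    if (model.RememberMe)
    {
        // Only a "remember me" login gets a persistent cookie; otherwise it is a
        // session cookie the browser discards on close, matching the ticket's
        // isPersistent flag.
        faCookie.Expires = authTicket.Expiration;
    }
    Response.Cookies.Add(faCookie);

    // Only follow a caller-supplied returnUrl when it is local to this site. A bare
    // Redirect(returnUrl) is an open redirect usable for phishing, and the previous
    // HtmlEncode did nothing to prevent that (it only corrupted query strings).
    bool hasLocalReturnUrl = !string.IsNullOrEmpty(returnUrl) && Url.IsLocalUrl(returnUrl);

    // RoleId 2 — presumably the customer/account role; verify against the Role table.
    if (user.UserRoles.Any(u => u.RoleId == 2 && u.UserId == user.Id))
    {
        Session["AccountEmail"] = model.Email;
        if (hasLocalReturnUrl)
        {
            return Redirect(returnUrl);
        }
        var url = ViewBag.ReturnUrl != null ? ViewBag.ReturnUrl : "~";
        return Redirect(url);
    }

    if (hasLocalReturnUrl)
    {
        return Redirect(returnUrl);
    }
    return RedirectToAction("index", "post", new { Area = "ttn_content" });
}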