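/// <summary>
/// Authorization filter for the "Analista" area: the request is allowed only when the caller is
/// authenticated and MyRoleProvider lists them in the "Analista" role. Anything else is redirected
/// to the Analista login page.
/// </summary>
/// <param name="filterContext">The MVC authorization context for the current request.</param>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    var identity = filterContext.HttpContext.User.Identity;

    // Check authentication before touching the role provider: an anonymous request has an empty
    // Identity.Name, and looking roles up for "" is wasted work at best and a provider error at
    // worst. Roles are only consulted for an authenticated caller.
    var authorized = false;
    if (identity.IsAuthenticated)
    {
        var roles = new MyRoleProvider().GetRolesForUser(identity.Name);

        // A null role list is treated as "no roles" so the default is to deny, not to throw.
        authorized = roles != null && roles.Contains("Analista");
    }

    if (!authorized)
    {
        // Deny by redirecting to the area's login page. No ReturnUrl is carried, so the original
        // request is not resumed after a successful login.
        filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary(new
        {
            area = "Analista",
            controller = "Login",
            action = "index"
        }));
    }
}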
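/// <summary>
/// Action filter that fills ViewBag.datavencimento and ViewBag.username for callers in the
/// "Users" role, so the view can show the licence expiry date and the display name.
/// This filter only decorates the ViewBag; it performs no authorization of its own and must not
/// be relied on to block access.
/// </summary>
/// <param name="filterContext">The MVC action-executing context for the current request.</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    var identity = filterContext.HttpContext.User.Identity;

    // An anonymous request has an empty Identity.Name; there is nothing to look up for it, so
    // neither the role provider nor the repository is touched.
    if (!identity.IsAuthenticated)
    {
        return;
    }

    var roles = new MyRoleProvider().GetRolesForUser(identity.Name);

    // A null role list counts as "no roles" rather than throwing.
    if (roles == null || !roles.Contains("Users"))
    {
        return;
    }

    using (var userRepo = new UsuarioRepository())
    {
        // Identity.Name is used as the e-mail key, which presumes the forms ticket was issued
        // with the e-mail address as the user name — confirm against the login code.
        var user = userRepo.GetByEmail(identity.Name);

        // The account may have been removed or renamed after the ticket was issued. Leave the
        // ViewBag entries unset instead of failing the whole request on a null reference
        // (assumes GetByEmail returns null for an unknown e-mail — TODO confirm).
        if (user == null)
        {
            return;
        }

        filterContext.Controller.ViewBag.datavencimento = user.DataVencimentoLicenca.ToString("dd/MM/yyyy");
        filterContext.Controller.ViewBag.username = user.Nome;
    }
}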
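/// <summary>
/// Authorization filter for the "Usuario" area. A request passes only when the caller is
/// authenticated, MyRoleProvider lists them in the "Users" role, a JWT is present in
/// Session["token"], and that JWT's "exp" claim (Unix seconds, UTC) is still in the future.
/// Any failure denies the request: AJAX callers get a 401 with a small JSON body carrying the
/// login URL, browser callers are redirected to the Usuario login page.
/// </summary>
/// <param name="filterContext">The MVC authorization context for the current request.</param>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    var identity = filterContext.HttpContext.User.Identity;

    // Check authentication before consulting the role provider: an anonymous request has an
    // empty Identity.Name and there is nothing to look up for it.
    var inUsersRole = false;
    if (identity.IsAuthenticated)
    {
        var roles = new MyRoleProvider().GetRolesForUser(identity.Name);

        // A null role list counts as "no roles": the safe default is to deny, not to throw.
        inUsersRole = roles != null && roles.Contains("Users");
    }

    if (!inUsersRole)
    {
        // Browser callers are signed out of forms auth before the redirect. AJAX callers are
        // not: they only receive the 401 payload, so a caller who holds a different role and
        // hits a Users endpoint from script keeps their ticket. NOTE(review): confirm this
        // asymmetry is intended.
        if (!filterContext.HttpContext.Request.IsAjaxRequest())
        {
            FormsAuthentication.SignOut();
        }

        DenyUsuarioAccess(filterContext);
        return;
    }

    var token = filterContext.HttpContext.Session["token"];
    if (token == null)
    {
        // Authenticated and in role, but the server-side session no longer holds the JWT
        // (session expired, or never populated): the forms ticket is revoked and the caller
        // is treated as logged out.
        FormsAuthentication.SignOut();
        DenyUsuarioAccess(filterContext);
        return;
    }

    if (IsSessionJwtExpired(token.ToString()))
    {
        // The forms ticket may outlive the JWT; once the JWT is expired the ticket is revoked
        // too so the caller has to log in again.
        FormsAuthentication.SignOut();
        DenyUsuarioAccess(filterContext);
    }
}

/// <summary>
/// Returns true when the JWT's "exp" claim (Unix seconds) is missing, unparsable, or not in the
/// future. Only the payload claim is read here; no signature check is performed by this method.
/// </summary>
/// <param name="token">The compact-serialized JWT taken from the server-side session.</param>
private static bool IsSessionJwtExpired(string token)
{
    // NOTE(review): Helper.GetJWTPayloadValue is assumed to decode the payload without
    // verifying the signature. The token is read from the server-side session rather than
    // from the request, so it is not directly attacker-supplied, but whether it was verified
    // when it was stored at login is not visible here — confirm at the login path.
    var expClaim = Helper.GetJWTPayloadValue(token, "exp");

    // Fail closed on a missing or malformed claim rather than letting a parse exception turn
    // the request into a 500. Invariant culture: the claim is machine data, not UI text.
    long exp;
    if (!long.TryParse(expClaim,
                       System.Globalization.NumberStyles.Integer,
                       System.Globalization.CultureInfo.InvariantCulture,
                       out exp))
    {
        return true;
    }

    // "exp" is compared in UTC Unix seconds; a 64-bit value avoids the 2038 rollover of an int.
    var epoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
    var now = (long)DateTime.UtcNow.Subtract(epoch).TotalSeconds;

    // RFC 7519 §4.1.4: the current time must be strictly before "exp", so exp == now is expired.
    return exp <= now;
}

/// <summary>
/// Sets the filter result that denies the current request: a 401 with a JSON body for AJAX
/// callers, a redirect to the Usuario login page for everyone else. Does not sign the caller
/// out; callers decide that.
/// </summary>
/// <param name="filterContext">The MVC authorization context whose Result is set.</param>
private static void DenyUsuarioAccess(AuthorizationContext filterContext)
{
    var httpContext = filterContext.HttpContext;

    if (httpContext.Request.IsAjaxRequest())
    {
        // A redirect would be followed transparently by XHR and the client would just see the
        // login page's HTML; answer 401 with a JSON body it can act on instead.
        // SuppressFormsAuthenticationRedirect keeps the FormsAuthentication module from rewriting
        // the 401 into a 302 to the login page, and TrySkipIisCustomErrors keeps IIS from
        // replacing the JSON body with its own error page.
        httpContext.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
        httpContext.Response.TrySkipIisCustomErrors = true;
        httpContext.Response.StatusDescription = "Tempo de Authenticaçao expirada";
        httpContext.Response.SuppressFormsAuthenticationRedirect = true;
        filterContext.Result = new JsonResult
        {
            Data = new { Error = "Not Authorized", LogOnUrl = "/usuario/login" },
            // Authorization runs for GET requests too, so AllowGet is required; the body holds
            // no per-user data, so exposing it to GET leaks nothing.
            JsonRequestBehavior = JsonRequestBehavior.AllowGet
        };
    }
    else
    {
        // No ReturnUrl is carried, so the original request is not resumed after login.
        filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary(new
        {
            area = "Usuario",
            controller = "Login",
            action = "index"
        }));
    }
}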