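/// <summary>
/// Forms-authentication hook that rebuilds the request principal from the
/// forms cookie and attaches the roles stored for that login in the database.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data; <c>e.User</c> is set only when a principal could be built.</param>
/// <remarks>
/// On any failure <c>e.User</c> is left untouched, so this handler never
/// authenticates a request by itself in the error paths.
/// </remarks>
protected void FormsAuthentication_OnAuthenticate(Object sender, FormsAuthenticationEventArgs e)
{
    if (!FormsAuthentication.CookiesSupported)
    {
        return;
    }

    var authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
    if (authCookie == null || string.IsNullOrEmpty(authCookie.Value))
    {
        return;
    }

    try
    {
        FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(authCookie.Value);

        // A handler that assigns e.User is responsible for ticket validity:
        // reject missing, expired or nameless tickets before trusting the name.
        if (ticket == null || ticket.Expired || string.IsNullOrEmpty(ticket.Name))
        {
            return;
        }

        string username = ticket.Name;
        string roles;

        using (TripDBEntities1 entities = new TripDBEntities1())
        {
            Users user = entities.Users.SingleOrDefault(u => u.login == username);
            if (user == null)
            {
                // The ticket names a login that no longer exists in the database.
                // NOTE(review): e.User stays unset here, as in the original error path;
                // confirm whether such a request should be rejected outright instead.
                return;
            }

            // A user row without roles yields an empty role string rather than a null dereference.
            roles = user.role ?? string.Empty;
        }

        // Roles are stored as a ';'-separated list in the user row.
        e.User = new System.Security.Principal.GenericPrincipal(
            new System.Security.Principal.GenericIdentity(username, "Forms"),
            roles.Split(';'));
    }
    catch (Exception ex)
    {
        // Tampered or undecryptable cookies and database failures land here.
        // Record only the exception type: the cookie value must never be logged.
        System.Diagnostics.Trace.TraceWarning(
            "FormsAuthentication_OnAuthenticate: could not build principal ({0})",
            ex.GetType().Name);
    }
}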
/// <summary>
/// Handles a login attempt: validates the posted model, checks the credentials
/// against the Users table, issues the forms-authentication cookie and redirects.
/// </summary>
/// <param name="model">Posted user model carrying <c>login</c> and <c>password</c>.</param>
/// <param name="returnUrl">Optional local URL to return to after a successful login.</param>
/// <returns>
/// A redirect on success; otherwise the login view, redisplayed with the model.
/// </returns>
public ActionResult Login(Users model, string returnUrl)
{
    // An invalid model is redisplayed without touching the database.
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    string login = model.login;
    string submittedPassword = model.password;
    bool credentialsMatch;

    using (var db = new TripDBEntities1())
    {
        // NOTE(review): the submitted password is compared directly with the stored
        // column, which implies passwords are not stored as salted hashes. Confirm,
        // and prefer a PBKDF2-style hash with a fixed-time comparison.
        credentialsMatch = db.Users.Any(u => u.login == login && u.password == submittedPassword);
    }

    if (!credentialsMatch)
    {
        ModelState.AddModelError("", "The user name or password provided is incorrect.");
        return View(model);
    }

    // Non-persistent (session) authentication cookie.
    FormsAuthentication.SetAuthCookie(login, false);

    // Open-redirect guard: follow returnUrl only when it is a local path that
    // cannot be read as a protocol-relative ("//host") or "/\host" URL.
    bool returnUrlIsSafe = Url.IsLocalUrl(returnUrl)
        && returnUrl.Length > 1
        && returnUrl.StartsWith("/")
        && !returnUrl.StartsWith("//")
        && !returnUrl.StartsWith("/\\");

    if (returnUrlIsSafe)
    {
        return Redirect(returnUrl);
    }

    return RedirectToAction("Index", "Home");
}