/// <summary> /// Called by the MVC framework before the action method executes. /// </summary> /// <param name="filterContext">The filter context.</param> public override void OnActionExecuting(ActionExecutingContext filterContext) { if (!filterContext.HttpContext.User.Identity.IsAuthenticated) { if (OnlyAllowUnauthenticatedUsers) { return; } //use the current url for the redirect string redirectOnSuccess = filterContext.HttpContext.Request.Url.AbsolutePath; //send them off to the login page string redirectUrl = string.Format("?ReturnUrl={0}", redirectOnSuccess); string loginUrl = FormsAuthentication.LoginUrl + redirectUrl; filterContext.HttpContext.Response.Clear(); filterContext.HttpContext.Response.Redirect(loginUrl, true); return; } else //User is authenticated { var httpContext = new HttpContextWrapper(HttpContext.Current); var requestContext = new RequestContext(httpContext, new RouteData()); var u = new UrlHelper(requestContext); if (OnlyAllowUnauthenticatedUsers) { filterContext.HttpContext.Response.Clear(); filterContext.HttpContext.Response.Redirect(u.Action("Forbidden", "Error"), true); return; } //Unauthorized roles bool isUnAuthorized = false; if (!string.IsNullOrEmpty(UnauthorizedRoles)) { if (!(UnauthorizedRoles.Trim() == "")) { var roleSplit = UnauthorizedRoles.Split(','); foreach (var role in roleSplit) { if (filterContext.HttpContext.User.IsInRole(role.Trim())) { isUnAuthorized = true; break; } } } } if (isUnAuthorized) { filterContext.HttpContext.Response.Clear(); filterContext.HttpContext.Response.Redirect(u.Action("Forbidden", "Error"), true); return; } //Authorized roles bool isAuthorized = false; if (!string.IsNullOrEmpty(AuthorizedRoles)) { if (!(AuthorizedRoles.Trim() == "")) { var roleSplit = AuthorizedRoles.Split(','); foreach (var role in roleSplit) { if (filterContext.HttpContext.User.IsInRole(role.Trim())) { isAuthorized = true; break; } } } } else { isAuthorized = true; } if (!isAuthorized) { filterContext.HttpContext.Response.Clear(); filterContext.HttpContext.Response.Redirect(u.Action("Forbidden", "Error"), true); return; } } }
/// <summary> /// Called by the MVC framework before the action method executes. /// </summary> /// <param name="filterContext">The filter context.</param> public override void OnActionExecuting(ActionExecutingContext filterContext) { if (!filterContext.HttpContext.User.Identity.IsAuthenticated) { if (OnlyAllowUnauthenticatedUsers) { return; } //use the current url for the redirect string redirectOnSuccess = filterContext.HttpContext.Request.Url.AbsolutePath; //send them off to the login page string redirectUrl = string.Format("?ReturnUrl={0}", redirectOnSuccess); string loginUrl = FormsAuthentication.LoginUrl + redirectUrl; filterContext.HttpContext.Response.Clear(); filterContext.HttpContext.Response.Redirect(loginUrl, true); return; } else //User is authenticated { var httpContext = new HttpContextWrapper(HttpContext.Current); var requestContext = new RequestContext(httpContext, new RouteData()); var u = new UrlHelper(requestContext); if (OnlyAllowUnauthenticatedUsers) { filterContext.HttpContext.Response.Clear(); filterContext.HttpContext.Response.Redirect(u.Action("Forbidden", "Error"), true); return; } if (!AuthorizeSuspended && !filterContext.HttpContext.User.IsInRole(RoleNames.ActiveUser)) { //Is suspended filterContext.HttpContext.Response.Clear(); filterContext.HttpContext.Response.Redirect(u.Action("ShowSuspensionStatus", "Account"), true); return; } if (!AuthorizeEmailNotConfirmed && filterContext.HttpContext.User.IsInRole(RoleNames.EmailNotConfirmed) && ConfigurationManager.AppSettings["RequireEmailConfirmation"] == "true") { //Email hasn't been confirmed filterContext.HttpContext.Response.Clear(); filterContext.HttpContext.Response.Redirect(u.Action("ShowEmailAddressVerificationStatus", "Account"), true); return; } //Unauthorized roles bool isUnAuthorized = false; if (!string.IsNullOrEmpty(UnauthorizedRoles)) { if (!(UnauthorizedRoles.Trim() == "")) { var roleSplit = UnauthorizedRoles.Split(','); foreach (var role in roleSplit) { if (filterContext.HttpContext.User.IsInRole(role.Trim())) { isUnAuthorized = true; break; } } } } if (isUnAuthorized) { filterContext.HttpContext.Response.Clear(); filterContext.HttpContext.Response.Redirect(u.Action("Forbidden", "Error"), true); return; } //Authorized roles bool isAuthorized = false; if (!string.IsNullOrEmpty(AuthorizedRoles)) { if (!(AuthorizedRoles.Trim() == "")) { var roleSplit = AuthorizedRoles.Split(','); foreach (var role in roleSplit) { if (filterContext.HttpContext.User.IsInRole(role.Trim())) { isAuthorized = true; break; } } } } else { isAuthorized = true; } if (!isAuthorized) { filterContext.HttpContext.Response.Clear(); filterContext.HttpContext.Response.Redirect(u.Action("Forbidden", "Error"), true); return; } } }