protected void Application_PostAuthenticateRequest(Object sender, EventArgs e)
{
HttpCookie authoCookies = Request.Cookies[FormsAuthentication.FormsCookieName];
if (authoCookies != null)
{
FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(authoCookies.Value);
JavaScriptSerializer js = new JavaScriptSerializer();
User user = js.Deserialize <User>(ticket.UserData);
LoginUserIdentity loginUserIdentity = new LoginUserIdentity(user);
UserCustomPrincipal userCustomPrincipal = new UserCustomPrincipal(loginUserIdentity);
HttpContext.Current.User = userCustomPrincipal;
}
}
protected void Application_PostAuthenticateRequest(Object sender, EventArgs e)
{
var authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
if (authCookie != null)
{
var authTicket = FormsAuthentication.Decrypt(authCookie.Value);
var user = JsonConvert.DeserializeObject <User>(authTicket.UserData);
var identity = new UserCustomIdentity(user);
var principal = new UserCustomPrincipal(identity);
HttpContext.Current.User = principal;
Thread.CurrentPrincipal = principal;
}
}
public override void OnAuthorization(AuthorizationContext filterContext)
{
base.OnAuthorization(filterContext);
UserCustomPrincipal principal = new UserCustomPrincipal(System.Threading.Thread.CurrentPrincipal.Identity);
if (principal == null || principal.UserId == Guid.Empty)
{
FormsAuthentication.SignOut();
filterContext.Result = new RedirectResult("~/account/login");
return;
}
//var user = HttpContext.Current.User as UserCustomPrincipal;
//if (user != null)
//{
string pagePath = HttpContext.Current.Request.Path.ToLower();
if (pagePath.Contains("/home") || pagePath.Contains("/account"))
{
return;
}
if (principal.IsInRole(RoleType.Administrator))
{
if (false == pagePath.Contains("/admin"))
{
//not authorised to view the page
filterContext.Result = new RedirectResult("~/");
return;
}
}
if (principal.IsInRole(RoleType.Recruiter))
{
if (false == pagePath.Contains("/recruiter"))
{
//not authorised to view the page
filterContext.Result = new RedirectResult("~/");
return;
}
}
//}
}
public ActionResult Login(User objUser)
{
User user = _unitOfWork.UserService.GetUserByCredentials(objUser);
JavaScriptSerializer js = new JavaScriptSerializer();
string data = js.Serialize(user);
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, user.UserName, DateTime.Now, DateTime.Now.AddMinutes(30), false, data);
string encToken = FormsAuthentication.Encrypt(ticket);
HttpCookie authoCookies = new HttpCookie(FormsAuthentication.FormsCookieName, encToken);
Response.Cookies.Add(authoCookies);
LoginUserIdentity loginUserIdentity = new LoginUserIdentity(user);
UserCustomPrincipal myPrincipal = new UserCustomPrincipal(loginUserIdentity);
HttpContext.User = myPrincipal;
return(RedirectToAction("Note", "Note"));
}
