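/// <summary>
/// Handles the admin login form post: authenticates the supplied credentials and
/// redirects the signed-in user to the admin area, the site root, or the requested
/// return URL.
/// </summary>
/// <param name="formCollection">Posted form values (model-bound; not read here).</param>
/// <param name="username">Login name handed to <c>UserSessionContext.Dologin</c>.</param>
/// <param name="password">Password handed to <c>UserSessionContext.Dologin</c>.</param>
/// <param name="url">Optional, URL-encoded return URL. Only a local path or an http(s)
/// URL on the current request host is honored; anything else falls back to the site root.</param>
/// <returns>A redirect on success; the login view when no user object was returned;
/// a redirect back to the login page carrying an error message when the login threw.</returns>
public ActionResult Login(FormCollection formCollection, string username, string password, string url = "")
{
    User u = null;
    try
    {
        u = UserSessionContext.Dologin(username, password);
    }
    catch (Exception ex)
    {
        // The failure reason is reported on the login page via the query string.
        // NOTE(review): ex.ToMessage() is a project helper; confirm it does not carry
        // internal detail (stack trace, connection strings) back to the browser.
        return Redirect($"/Admin/AdminHome/Login/?error={HttpUtility.UrlEncode(ex.ToMessage())}");
    }

    if (u == null)
    {
        return View();
    }

    // System administrators always land in the admin area; the return URL is ignored for them.
    if (UserSessionContext.CurrentUserIsSysAdmin(u.TokenSession) || string.IsNullOrEmpty(url))
    {
        return Redirect("~/Admin");
    }

    url = HttpUtility.UrlDecode(url);
    if (url.Equals(UserSessionContext.UrlAdminLogin, StringComparison.OrdinalIgnoreCase))
    {
        return Redirect("~/");
    }

    // Open-redirect guard: "url" is caller-supplied, so redirect only to a local path
    // (accepted by IsLocalUrl, which rejects "//host" and "/\host" forms) or to an
    // http(s) URL whose host is the one this request was served on. Any other target
    // (off-site host, non-http scheme) is dropped in favour of the site root.
    Uri absolute;
    var isSameHost = Uri.TryCreate(url, UriKind.Absolute, out absolute)
        && (absolute.Scheme == Uri.UriSchemeHttp || absolute.Scheme == Uri.UriSchemeHttps)
        && absolute.Host.Equals(Request.Url?.Host, StringComparison.OrdinalIgnoreCase);
    if (!Url.IsLocalUrl(url) && !isSameHost)
    {
        return Redirect("~/");
    }

    return Redirect(url);
}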
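/// <summary>
/// Handles the customer login form post: authenticates the supplied credentials and
/// redirects to the requested return URL, the admin area, or the site root.
/// </summary>
/// <param name="formCollection">Posted form values (model-bound; not read here).</param>
/// <param name="username">Login name handed to <c>UserSessionContext.Dologin</c>.</param>
/// <param name="password">Password handed to <c>UserSessionContext.Dologin</c>.</param>
/// <param name="url">Optional, URL-encoded return URL. Honored only when a user is
/// signed in afterwards and the target is a local path or an http(s) URL on the
/// current request host.</param>
/// <returns>A redirect when a user is signed in after the attempt; otherwise the login view.</returns>
public ActionResult Login(FormCollection formCollection, string username, string password, string url = "")
{
    UserSessionContext.Dologin(username, password);

    // Decide where the visitor goes from the session state after the login attempt.
    var isSysAdmin = UserSessionContext.CurrentUserIsSysAdmin();
    var loggedIn = isSysAdmin || UserSessionContext.CurrentUser() != null;

    // The return URL is only followed for an authenticated session: a failed login
    // must not redirect anywhere, and the target must not leave this site.
    if (loggedIn && !string.IsNullOrEmpty(url))
    {
        var target = HttpUtility.UrlDecode(url);
        Uri absolute;
        var isSameHost = Uri.TryCreate(target, UriKind.Absolute, out absolute)
            && (absolute.Scheme == Uri.UriSchemeHttp || absolute.Scheme == Uri.UriSchemeHttps)
            && absolute.Host.Equals(Request.Url?.Host, StringComparison.OrdinalIgnoreCase);
        if (Url.IsLocalUrl(target) || isSameHost)
        {
            return Redirect(target);
        }
        // Off-site or non-http target: ignore it and use the default landing page below.
    }

    if (isSysAdmin)
    {
        return Redirect("~/Admin");
    }
    if (loggedIn)
    {
        return Redirect("~/");
    }
    return View();
}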
/// <summary>
/// Ends the current session and sends the visitor to the site root. If the logout
/// call throws, a former system administrator is sent to the admin login page instead
/// and everyone else still goes to the site root.
/// </summary>
/// <returns>A redirect to the site root or, on a failed admin logout, to the admin login URL.</returns>
public ActionResult Logout()
{
    // Captured before Dologout because the session is gone (or broken) afterwards.
    var wasSysAdmin = UserSessionContext.CurrentUserIsSysAdmin();
    try
    {
        UserSessionContext.Dologout();
    }
    catch
    {
        // Best effort: a failed logout is not surfaced to the user, only rerouted.
        return Redirect(wasSysAdmin ? UserSessionContext.UrlAdminLogin : "~/");
    }
    return Redirect("~/");
}
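/// <summary>
/// Authorization filter run before every action on this controller. Anonymous
/// controllers and system administrators pass straight through; everyone else must be
/// signed in and hold a right whose key matches the "/controller/action/" route.
/// </summary>
/// <param name="filterContext">The MVC action context. <c>Result</c> is set to a
/// redirect to the login page (or a JSON message for actions registered as returning
/// <see cref="JsonResult"/>) when access is denied, which short-circuits the action.</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    if (_allowAnonymous || UserSessionContext.CurrentUserIsSysAdmin())
    {
        base.OnActionExecuting(filterContext);
        return;
    }

    HttpContextBase context = filterContext.HttpContext;
    // Return URL handed to the login page. PathAndQuery keeps the target local (no
    // scheme or host, so the login action's redirect stays on this site) and preserves
    // the casing of query values, which lowercasing the whole URL would corrupt.
    var url = context.Request.Url.PathAndQuery;
    var customerLoginUrl = UserSessionContext.UrlAdminLogin + "?url=" + HttpUtility.UrlEncode(url);

    if (UserSessionContext.CurrentUser() == null)
    {
        filterContext.Result = new RedirectResult(customerLoginUrl);
        base.OnActionExecuting(filterContext);
        return;
    }

    // Match the current route against the rights granted to the signed-in user.
    // NOTE(review): the key ignores the MVC area; confirm controller/action names are
    // unique across areas, otherwise one right could match routes in another area.
    var controller = filterContext.RouteData.GetRequiredString("controller");
    var action = filterContext.RouteData.GetRequiredString("action");
    var keyName = $"/{controller}/{action}/";
    var rights = UserSessionContext.CurrentUserRights();
    var hasRight = rights.Any(r => r.KeyName.Equals(keyName, StringComparison.OrdinalIgnoreCase));

    if (!hasRight)
    {
        // Deny by default. A route registered in the global right list with a JSON
        // return type gets a JSON denial so AJAX callers are not handed an HTML redirect;
        // every other case, including an unregistered route, goes to the login page.
        // ToLowerInvariant: the lookup key must not depend on the request thread's culture.
        var allRights = UserSessionContext.ListAllRights();
        Right right;
        var isJsonAction = allRights.TryGetValue(keyName.ToLowerInvariant(), out right)
            && right.ReturnType.Equals(typeof(JsonResult).FullName, StringComparison.OrdinalIgnoreCase);
        if (isJsonAction)
        {
            filterContext.Result = new JsonResult
            {
                Data = new { Message = "Require logedin : " + url },
                JsonRequestBehavior = JsonRequestBehavior.AllowGet
            };
        }
        else
        {
            filterContext.Result = new RedirectResult(customerLoginUrl);
        }
    }

    base.OnActionExecuting(filterContext);
}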