/// <summary>
/// Ends the current user's application session by clearing the stored user id,
/// then sends the browser back to the login page.
/// </summary>
/// <returns>A redirect to <c>Account/Login</c>.</returns>
public ActionResult Logout()
{
    var session = new UserSessionContext(HttpContext);

    // Only the user id held by UserSessionContext is dropped here; nothing in
    // this method abandons the underlying session store or clears its cookie.
    // NOTE(review): confirm that UserSessionContext.RemoveUserId() (not visible
    // here) invalidates the session itself; otherwise a session id that was
    // fixated before login survives logout.
    session.RemoveUserId();

    return RedirectToAction("Login", "Account");
}
/// <summary>
/// Per-request authorization gate. Resolves the user id stored in the session
/// to a <c>Users</c> row whose <c>Role</c> equals the class-level <c>userRole</c>.
/// On success the row is published as <c>HttpContext.Items["User"]</c>; otherwise
/// the action is short-circuited with a redirect to <c>Account/Login</c>.
/// </summary>
/// <param name="filterContext">The MVC action-executing context for the current request.</param>
void IActionFilter.OnActionExecuting(ActionExecutingContext filterContext)
{
    var httpContext = filterContext.HttpContext;
    int sessionUserId = new UserSessionContext(httpContext).GetUserId();

    // The lookup hits the database on every request instead of trusting a
    // cached role, so a deleted user or a changed role takes effect at once.
    // Id and role are checked in the same query: a valid session belonging to
    // a user of a different role is treated exactly like no session at all.
    var currentUser = db.Users
        .FirstOrDefault(u => u.Id == sessionUserId && u.Role == userRole);

    if (currentUser != null)
    {
        // Downstream code reads the authenticated user from HttpContext.Items.
        // NOTE(review): IDictionary.Add throws if "User" is already present,
        // which would happen if this filter ran twice in one request — confirm
        // it cannot, or switch to the indexer.
        httpContext.Items.Add("User", currentUser);
    }
    else
    {
        var loginRoute = new RouteValueDictionary
        {
            { "action", "Login" },
            { "controller", "Account" },
        };
        // Assigning a Result here is what stops MVC from invoking the action.
        filterContext.Result = new RedirectToRouteResult(loginRoute);
    }

    // The controller's own OnActionExecuting hook still runs, whether or not
    // the request was short-circuited above (preserves existing behaviour).
    this.OnActionExecuting(filterContext);
}
/// <summary>
/// Authenticates an administrator from the posted credentials. Only rows with
/// <c>Role == UserRole.Admin</c> are considered; on success the user's id is
/// stored in the session and the browser is redirected to the dashboard.
/// </summary>
/// <param name="model">The posted login form (username and password).</param>
/// <returns>
/// The login view again (with a warning flash message when the credentials are
/// rejected, silently when model state is invalid), or a redirect to
/// <c>Dashboard/Index</c> on success.
/// </returns>
public ActionResult Login(LoginUserViewModel model)
{
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    // LINQ-to-entities parameterises model.Username; it is never concatenated
    // into SQL. The role filter means a non-admin account cannot log in here
    // even with a correct password.
    var admin = db.Users
        .FirstOrDefault(u => u.Name == model.Username && u.Role == UserRole.Admin);

    // One generic message covers both "no such user" and "wrong password", so
    // the response body does not reveal which usernames exist.
    // NOTE(review): because ValidatePassword is skipped when the lookup misses,
    // response time still differs between the two cases; verifying against a
    // dummy hash on the miss path would close that gap. No attempt counter or
    // lockout is visible in this method — confirm one exists elsewhere.
    bool credentialsOk = admin != null
        && PasswordHashService.ValidatePassword(model.Password, admin.Password);
    if (!credentialsOk)
    {
        FlashMessageHelper.SetMessage(this, FlashMessageType.Warning, "Autoryzacja danych nie przebiegła pomyślnie.");
        return View(model);
    }

    // NOTE(review): the session id is not regenerated before the user id is
    // stored; unless UserSessionContext.SetUserId does that, a session id
    // fixed before login remains valid after it.
    new UserSessionContext(HttpContext).SetUserId(admin.Id);
    return RedirectToAction("Index", "Dashboard");
}