public ActionResult Login(User user)
{
string passwordHash = Helper.GetSHA512Hash(user.Password);
using (LoginDataModelContainer db = new LoginDataModelContainer())
{
var dbUser = db.Users.SingleOrDefault(x => x.Username == user.Username && x.Password == passwordHash);
if (dbUser != null)
{
FormsAuthentication.SetAuthCookie(user.Username, true);
dbUser.Roles.Clear();
dbUser.Roles = (from role in db.Roles
join userRole in user.SelectedRoles on role.Id equals userRole
select role).ToList();
db.SaveChanges();
return RedirectToAction("Index");
}
}
ModelState.AddModelError("LoginError", "Login failed");
return View(user);
}
public void Configuration(IAppBuilder app)
{
#region Redirect to Login if required
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = "ApplicationCookie",
LoginPath = new PathString("/Account/Login")
});
#endregion
#region DB Setup
using (LoginDataModelContainer db = new LoginDataModelContainer())
{
if (!db.Roles.Any())
{
db.Roles.Add(new Role { Name = "Admin", Description = "Administrator" });
db.Roles.Add(new Role { Name = "IT", Description = "IT" });
db.Roles.Add(new Role { Name = "User", Description = "User" });
db.SaveChanges();
}
if (!db.Users.Any())
{
db.Users.Add(new User { Firstname = "Admin", Lastname = "Admin", Username = "******", Password = Helper.GetSHA512Hash("admin"), Roles = db.Roles.Where(x => x.Name == "Admin" || x.Name == "IT").ToList() });
db.Users.Add(new User { Firstname = "IT", Lastname = "IT", Username = "******", Password = Helper.GetSHA512Hash("it"), Roles = db.Roles.Where(x => x.Name == "IT").ToList() });
db.Users.Add(new User { Firstname = "User", Lastname = "User", Username = "******", Password = Helper.GetSHA512Hash("user"), Roles = db.Roles.Where(x => x.Name == "User").ToList() });
db.SaveChanges();
}
}
#endregion
}
public ActionResult Login()
{
using (LoginDataModelContainer db = new LoginDataModelContainer())
{
User user = new User();
ViewBag.Roles = db.Roles.ToList();
return View(user);
}
}
protected void Application_PostAuthenticateRequest(object sender, EventArgs e)
{
if (User.Identity.IsAuthenticated)
{
using (LoginDataModelContainer db = new LoginDataModelContainer())
{
if (db.Users.Any(x=>x.Username == User.Identity.Name))
{
GenericIdentity identity = new GenericIdentity(User.Identity.Name);
GenericPrincipal principal = new GenericPrincipal(identity, db.Users.Single(x=>x.Username == User.Identity.Name).Roles.Select(x=>x.Name).ToArray());
Context.User = principal;
System.Threading.Thread.CurrentPrincipal = principal;
}
}
}
}
