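/// <summary>
/// Rebuilds the request principal from the forms-authentication cookie.
/// The request stays anonymous when the cookie is absent, empty, undecryptable or expired.
/// The user is signed out when the ticket names an unknown user or the login-service date check fails.
/// </summary>
/// <param name="sender">Event source; not used.</param>
/// <param name="e">Event data; not used.</param>
public void Application_AuthenticateRequest(Object sender, EventArgs e)
{
    var cookie = HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName];
    if (cookie == null || string.IsNullOrEmpty(cookie.Value))
    {
        return;
    }

    // The cookie value is client-controlled. Decrypt throws on a malformed or
    // tampered value, so a bad cookie must yield an anonymous request rather
    // than an unhandled exception on every request that carries it.
    FormsAuthenticationTicket ticket;
    try
    {
        ticket = FormsAuthentication.Decrypt(cookie.Value);
    }
    catch (ArgumentException)
    {
        return;
    }
    catch (System.Security.Cryptography.CryptographicException)
    {
        return;
    }

    // This handler reads the cookie itself, so it must enforce ticket expiry
    // itself; an expired ticket is never turned into a principal here.
    if (ticket == null || ticket.Expired)
    {
        return;
    }

    using (var context = new UserContext())
    {
        var userRepository = new UserRepository(context);
        var identity = userRepository.Find(ticket.Name);

        // A ticket can outlive the account it names. GenericPrincipal rejects a
        // null identity, so clear the cookie instead of letting it throw.
        if (identity == null)
        {
            FormsAuthentication.SignOut();
            return;
        }

        var loginService = new LoginService(userRepository);

        // NOTE(review): CheckDate() receives no user argument; confirm it
        // evaluates the account just loaded and not some ambient state.
        if (!loginService.CheckDate())
        {
            FormsAuthentication.SignOut();
            return;
        }

        // Every authenticated user gets the single hard-coded "Member" role.
        var principal = new GenericPrincipal(identity, new[] { "Member" });
        Thread.CurrentPrincipal = HttpContext.Current.User = principal;
    }
}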
/// <summary>
/// Builds the controller's own data-access chain: a user context, a repository
/// over that context, and a login service over that repository.
/// </summary>
public AccountController()
{
    // NOTE(review): UserContext looks disposable; confirm this controller
    // releases _userContext in its Dispose override.
    var context = new UserContext();
    var repository = new UserRepository(context);

    _userContext = context;
    _userRepository = repository;
    _loginService = new LoginService(repository);
}