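/// <summary>
/// Authorization filter that admits a request only when the role stored in
/// session state under "UserRole" is one of the roles listed in <c>Roles</c>.
/// </summary>
public class AuthorizeUserAttribute : AuthorizeAttribute
{
    /// <summary>
    /// Runs the base authorization check, then compares the session role against
    /// the comma-separated <c>Roles</c> list using exact, case-sensitive matches.
    /// </summary>
    /// <param name="httpContext">Context of the request being authorized.</param>
    /// <returns>
    /// <c>true</c> only when the base check passes and the session role equals one
    /// of the configured roles. An attribute with no roles configured denies every request.
    /// </returns>
    protected override bool AuthorizeCore(HttpContextBase httpContext)
    {
        // NOTE(review): with Roles set, the stock AuthorizeAttribute is expected to also
        // test the principal's roles (IsInRole) — confirm the principal carries them,
        // otherwise this base call rejects every request before the session check runs.
        if (!base.AuthorizeCore(httpContext))
        {
            return false;
        }

        // Session state can be missing or expired while the authentication cookie is
        // still valid. The original joined a null value into "", and "".Contains-style
        // matching then authorized the request; a missing role must be a denial.
        object stored = httpContext.Session == null ? null : httpContext.Session["UserRole"];
        string sessionRole = stored == null ? null : stored.ToString();
        if (string.IsNullOrEmpty(sessionRole))
        {
            return false;
        }

        // Whole-entry comparison: substring matching let a session role of "User"
        // satisfy a requirement such as "SuperUser".
        foreach (string allowed in Roles.Split(','))
        {
            if (allowed.Trim() == sessionRole)
            {
                return true;
            }
        }

        return false;
    }
}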
/// <summary>
/// Shows the login form bound to a fresh, empty <c>UserModel</c>.
/// </summary>
/// <returns>The default view for this action with the new model.</returns>
public ActionResult LogIn()
{
    return View(new UserModel());
}
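/// <summary>
/// Handles the posted login form: validates the model, looks the account up,
/// and on a credential match issues the forms-authentication cookie and stores
/// the account's role in session state under "UserRole".
/// </summary>
/// <param name="model">Posted credentials.</param>
/// <returns>The "LogIn" view with the posted model, on success and on failure alike.</returns>
[HttpPost]
public ActionResult LogIn(UserModel model)
{
    if (!ModelState.IsValid)
    {
        return View("LogIn", model);
    }

    // NOTE(review): the account is fetched by the submitted password rather than by
    // user name — confirm what GetUser expects; a lookup keyed on the password also
    // implies passwords are stored in a searchable (unhashed) form.
    var usermodelDB = _UserAccountService.GetUser(model.Password);

    // A lookup that finds no account is treated as a failed login instead of
    // dereferencing null (assumes GetUser returns null in that case — confirm).
    // NOTE(review): the password check below is a plaintext equality; stored
    // passwords should be salted hashes verified by a dedicated routine.
    if (usermodelDB != null
        && model.userName == usermodelDB.userName
        && model.Password == usermodelDB.Password)
    {
        model.userRole = usermodelDB.userRole;

        // The ticket identifies the user, not the role: the original passed userRole,
        // which gave every account with the same role the same identity name.
        // NOTE(review): the cookie is persistent (true) while the role lives in session
        // state, so the cookie can outlive the role; any filter that reads
        // Session["UserRole"] has to deny the request when the value is missing.
        FormsAuthentication.SetAuthCookie(usermodelDB.userName, true);
        System.Web.HttpContext.Current.Session["UserRole"] = usermodelDB.userRole;
    }

    // NOTE(review): a successful login re-renders the form with the posted model,
    // password included; a redirect after success is the usual pattern.
    return View("LogIn", model);
}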
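/// <summary>
/// Renders the default view for this action. Access is gated by
/// <c>AuthorizeUser</c> with the required role "User".
/// </summary>
/// <param name="page">Page index, defaulting to 0; the body shown here does not use it.</param>
/// <returns>The default view for this action.</returns>
[AuthorizeUser(Roles="User")]
public ActionResult Index(int page=0)
{
    // The original read "return View());" — the stray parenthesis did not compile.
    return View();
}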