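namespace MyApp.Custom.Security
{
    /// <summary>
    /// Authorization filter that admits a request only when the caller is authenticated,
    /// satisfies any Users/Roles restriction set on the attribute, and passes the
    /// application's own sign-in check.
    /// </summary>
    public class Secure : AuthorizeAttribute
    {
        /// <summary>
        /// Checks that the user is authenticated, is allowed by the attribute's
        /// Users/Roles settings, and has a valid session object.
        /// </summary>
        /// <param name="httpContext">Context of the request being authorized.</param>
        /// <returns>
        /// <c>true</c> only when every check passes; <c>false</c> as soon as one fails.
        /// </returns>
        /// <exception cref="ArgumentNullException">
        /// Thrown when <paramref name="httpContext"/> is null.
        /// </exception>
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            if (httpContext == null)
            {
                throw new ArgumentNullException("httpContext");
            }

            // Fail closed when the request carries no principal or identity,
            // instead of letting a NullReferenceException escape the filter.
            var user = httpContext.User;
            if (user == null || user.Identity == null || !user.Identity.IsAuthenticated)
            {
                return false;
            }

            // Run the inherited check as well. Without it, Users/Roles values
            // supplied on the attribute, e.g. [Secure(Roles = "...")], would be
            // accepted by the compiler but never enforced.
            if (!base.AuthorizeCore(httpContext))
            {
                return false;
            }

            // This will check the session variable and a few other things.
            // NOTE(review): IsSignedIn takes no arguments, so it presumably reads the
            // ambient request state rather than httpContext; confirm both refer to the
            // same request, and that it returns false when no session is available.
            return Helpers.SecurityHelper.IsSignedIn();
        }
    }
}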
/// <summary>
/// HTTP module that replaces the principal of every authenticated request with a
/// <see cref="GenericPrincipal"/> built from the same identity and a role list
/// assembled by this module.
/// </summary>
public class AuthorisationModule : IHttpModule
{
    /// <summary>
    /// Hooks the module into the application's AuthorizeRequest event.
    /// </summary>
    /// <param name="context">Application instance the module is being attached to.</param>
    public void Init(HttpApplication context)
    {
        context.AuthorizeRequest += new EventHandler(AuthorizeRequest);
    }

    /// <summary>
    /// Swaps the request principal for one that carries the roles collected here.
    /// Requests that are not authenticated are left untouched.
    /// </summary>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event data (unused).</param>
    private void AuthorizeRequest(object sender, EventArgs e)
    {
        var requestContext = HttpContext.Current;
        var requestUser = requestContext.User;

        if (requestUser.IsAuthenticated())
        {
            // The new principal carries only the roles listed here; whatever roles
            // the previous principal reported are not copied across.
            var grantedRoles = new List<string>();

            // Add roles here using whatever logic is required.
            // Role names decide what the user may do downstream, so they should be
            // looked up from a server-side source keyed on the authenticated identity,
            // never taken from request data the client controls.

            requestContext.User = new GenericPrincipal(requestUser.Identity, grantedRoles.ToArray());
        }
    }

    /// <summary>
    /// Detaches the handler from the application instance of the current request,
    /// when there is one.
    /// </summary>
    public void Dispose()
    {
        // NOTE(review): this unsubscribes from whichever application instance serves
        // the current request, not necessarily the one passed to Init, and does
        // nothing when no request is in flight. Confirm that this is intended.
        var requestContext = HttpContext.Current;
        var application = requestContext == null ? null : requestContext.ApplicationInstance;

        if (application != null)
        {
            application.AuthorizeRequest -= new EventHandler(AuthorizeRequest);
        }
    }
}