27 January 2013

MVC- Authentication/Authorization









            //
            // GET: /Index/
            /// <summary>
            /// Renders the default view for <c>/Index/</c> to authenticated callers only.
            /// </summary>
            /// <remarks>
            /// The attribute sits on this action alone, so it protects this action alone.
            /// Sibling actions on the same controller stay reachable anonymously unless
            /// they carry their own attribute or the controller / a global filter adds one.
            /// </remarks>
            /// <returns>The view result produced by <c>View()</c>.</returns>
            [Authorize]
            public ActionResult Index()
            {
                return this.View();
            }
        




            /// <summary>
            /// Controller that requires an authenticated caller for every action it exposes.
            /// </summary>
            /// <remarks>
            /// Placing <c>[Authorize]</c> on the class rather than on individual actions
            /// means an action added later is protected without further attributes.
            /// </remarks>
            [Authorize]
            public class IndexController : Controller
            {
                /// <summary>
                /// GET: /Index/ - renders the default view.
                /// </summary>
                /// <returns>The view result produced by <c>View()</c>.</returns>
                public ActionResult Index()
                {
                    return this.View();
                }
            }
        







            For Controller:

            /// <summary>
            /// Controller whose actions are limited to callers in the Administrator or
            /// User role.
            /// </summary>
            /// <remarks>
            /// The comma-separated <c>Roles</c> value is an "any of" list: membership in
            /// one listed role is enough. To require several roles at once, stack one
            /// <c>[Authorize(Roles = ...)]</c> attribute per required role.
            /// </remarks>
            [Authorize(Roles="Administrator, User")]
            public class IndexController : Controller
            {
                /// <summary>
                /// GET: /Index/ - renders the default view.
                /// </summary>
                /// <returns>The view result produced by <c>View()</c>.</returns>
                public ActionResult Index()
                {
                    return this.View();
                }
            }

            For Action Method:

            //
            // GET: /Index/
            /// <summary>
            /// Renders the default view for callers in the Administrator or User role.
            /// </summary>
            /// <remarks>
            /// The role list is matched as "any of": one listed role is sufficient.
            /// Only this action is restricted; other actions need their own attribute.
            /// </remarks>
            /// <returns>The view result produced by <c>View()</c>.</returns>
            [Authorize(Roles = "Administrator, User")]
            public ActionResult Index()
            {
                return this.View();
            }

            /// <summary>
            /// Renders the default view for callers in the User role.
            /// </summary>
            /// <remarks>
            /// NOTE(review): inside a class derived from <c>Controller</c> this method name
            /// hides the inherited <c>Controller.User</c> principal (compiler warning
            /// CS0108). Code in the same class that reads the current principal then has
            /// to go through <c>base.User</c>, which is easy to miss in an access check.
            /// </remarks>
            /// <returns>The view result produced by <c>View()</c>.</returns>
            [Authorize(Roles = "User")]
            public ActionResult User()
            {
                return this.View();
            }

        










            /// <summary>
            /// Skeleton of a custom authorization filter built on
            /// <c>AuthorizeAttribute</c>; the user validation itself is still a TODO.
            /// </summary>
            /// <remarks>
            /// As written, the only decision made is the one taken by
            /// <c>base.OnAuthorization</c>. The block reserved for authenticated users
            /// is empty, so this attribute currently adds no check of its own.
            /// </remarks>
            public class CustomAuth : AuthorizeAttribute
            {
                /// <summary>
                /// Runs the base authorization, then reaches the placeholder for extra
                /// validation when the caller is authenticated.
                /// </summary>
                /// <param name="filterContext">Context of the request being authorized.</param>
                public override void OnAuthorization(AuthorizationContext filterContext)
                {
                    // The base class decides first and, on failure, has already set the
                    // unauthorized result on filterContext.
                    base.OnAuthorization(filterContext);

                    var identity = filterContext.RequestContext.HttpContext.User.Identity;
                    if (!identity.IsAuthenticated)
                    {
                        return;
                    }

                    //TODO: Add code for validate user
                    // A check added here has to deny explicitly, e.g. by calling
                    // HandleUnauthorizedRequest(filterContext); falling through leaves
                    // the request authorized.
                    // NOTE(review): the base class re-validates output-cached responses
                    // through AuthorizeCore only, so a check placed here is not repeated
                    // on that path. Overriding AuthorizeCore avoids the gap.
                }
            }


            To use this authorization code, see the code block below.


            /// <summary>
            /// Renders the default view, guarded by the custom <c>CustomAuth</c> filter.
            /// </summary>
            /// <remarks>
            /// The protection of this action is exactly what <c>CustomAuth</c> implements;
            /// NOTE(review): confirm the attribute denies on failure rather than only
            /// inspecting the caller.
            /// </remarks>
            /// <returns>The view result produced by <c>View()</c>.</returns>
            [CustomAuth]
            public ActionResult Index1()
            {
                return this.View();
            }

        




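            /// <summary>
            /// Authorization filter that admits an authenticated caller only when the
            /// caller holds at least one of the configured roles.
            /// </summary>
            /// <remarks>
            /// The role comparison lives in <c>AuthorizeCore</c> rather than in
            /// <c>OnAuthorization</c>: the base class calls <c>AuthorizeCore</c> both for
            /// the live request and when it validates an output-cached response, so the
            /// role check cannot be bypassed by a cached page.
            /// </remarks>
            public class CustomAuth : AuthorizeAttribute
            {
                // Roles that grant access (any one is sufficient). Left public for
                // compatibility with existing callers; treat it as read-only, because
                // the framework may reuse one attribute instance across requests.
                public string[] _roles;

                /// <summary>
                /// Creates the filter with the default role list: Administrator only.
                /// </summary>
                public CustomAuth()
                {
                    _roles = new string[] { "Administrator" };
                }

                /// <summary>
                /// Creates the filter with an explicit role list.
                /// </summary>
                /// <param name="roles">
                /// Roles that grant access. A null or empty list denies every caller.
                /// </param>
                public CustomAuth(string[] roles)
                {
                    _roles = roles;
                }

                /// <summary>
                /// Delegates to the base implementation, which calls
                /// <see cref="AuthorizeCore"/> and sets the unauthorized result on failure.
                /// </summary>
                /// <param name="filterContext">Context of the request being authorized.</param>
                public override void OnAuthorization(
                        AuthorizationContext filterContext)
                {
                    base.OnAuthorization(filterContext);
                }

                /// <summary>
                /// Decides whether the current caller may proceed.
                /// </summary>
                /// <param name="httpContext">HTTP context carrying the current principal.</param>
                /// <returns>
                /// <c>true</c> when the base checks pass and the caller is in at least one
                /// configured role; otherwise <c>false</c>.
                /// </returns>
                protected override bool AuthorizeCore(
                        System.Web.HttpContextBase httpContext)
                {
                    // Base check first: authenticated caller plus any Users/Roles set
                    // through the stock attribute properties.
                    if (!base.AuthorizeCore(httpContext))
                    {
                        return false;
                    }

                    // Fail closed: a missing role list must not widen access to every
                    // signed-in user.
                    if (_roles == null || _roles.Length == 0)
                    {
                        return false;
                    }

                    foreach (string role in _roles)
                    {
                        if (!string.IsNullOrWhiteSpace(role)
                                && httpContext.User.IsInRole(role.Trim()))
                        {
                            return true;
                        }
                    }

                    return false;
                }
            }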



            /// <summary>
            /// Renders the default view, passing the Administrator and User roles to
            /// the custom <c>CustomAuth</c> filter.
            /// </summary>
            /// <remarks>
            /// NOTE(review): the role list only restricts access if <c>CustomAuth</c>
            /// compares it against the caller. Confirm that before relying on it.
            /// </remarks>
            /// <returns>The view result produced by <c>View()</c>.</returns>
            [CustomAuth(new [] { "Administrator", "User" })]
            public ActionResult Index2()
            {
                return this.View();
            }

        

