locked
How to set roles or permission during claims auth in asp.net mvc5 RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote
    User264732274 posted

    before i use form authentication in asp.net mvc4. now i like to use claim auth with asp.net mvc5. i like to know how people set roles when they use claim with identity in asp.net mvc5?

    before how i set roles after login this way.

    [HttpPost]
public ActionResult Login(User model, string returnUrl)
{
    if (ModelState.IsValid)
    {
        using (userDbEntities entities = new userDbEntities())
        {
            string username = model.username;
            string password = model.password;

            bool userValid = entities.Users.Any(user => user.username == username && user.password == password);

            if (userValid)
            {

                FormsAuthentication.SetAuthCookie(username, false);
                if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/")
                    && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
                {
                    return Redirect(returnUrl);
                }
                else
                {
                    return RedirectToAction("Index", "Home");
                }
            }
            else
            {
                ModelState.AddModelError("", "The user name or password provided is incorrect.");
            }
        }
    }

    return View(model);
}

    setting roles with custom auth

    protected void Application_PostAuthenticateRequest(Object sender, EventArgs e)
{
    if (FormsAuthentication.CookiesSupported == true)
    {
        if (Request.Cookies[FormsAuthentication.FormsCookieName] != null)
        {
            try
            {
                //let us take out the username now                
                string username = FormsAuthentication.Decrypt(Request.Cookies[FormsAuthentication.FormsCookieName].Value).Name;
                string roles = string.Empty;

                using (userDbEntities entities = new userDbEntities())
                {
                    User user = entities.Users.SingleOrDefault(u => u.username == username);

                    roles = user.Roles;
                }
                //let us extract the roles from our own custom cookie


                //Let us set the Pricipal with our user specific details
                HttpContext.Current.User  = new System.Security.Principal.GenericPrincipal(
                  new System.Security.Principal.GenericIdentity(username, "Forms"), roles.Split(';'));
            }
            catch (Exception)
            {
                //somehting went wrong
            }
        }
    }
}

    a sample action which will be accessible if user is in admin role

    [Authorize(Roles="admin")]
    public ActionResult AdminIndex()
    {
        ViewBag.Message = "This can be viewed only by users in Admin role only";
        return View();
    }

    please tell me how people set permission when they work with identity and claims authorization with asp.net mvc 5?

    it will be very helpful if anyone post a sample code which drive me to right direction.

    code taken from http://www.codeproject.com/Articles/578374/AplusBeginner-27splusTutorialplusonplusCustomplusF

    thanks

    Wednesday, September 21, 2016 11:51 AM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote
    User347430248 posted

    Hi Sudip,

    maybe this can help you.

    void Application_PostAuthenticateRequest()
{
    if (Request.IsAuthenticated)
    {
        string[] roles = GetRolesForUser(User.Identity.Name);
        var id = ClaimsPrincipal.Current.Identities.First();
        foreach (var role in roles)
        {
            id.Claims.Add(new Claim(ClaimTypes.Role, role));
        }
    }
}

    Reference

    Adding custom roles to windows roles in Asp.Net using claims

    Regards

    Deepak

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, September 22, 2016 5:57 AM