How to make custom authorization security based on database after login success ? RRS feed

  • Question

  • User696604810 posted

    I work on project use asp.net mvc 5 and SQL server 2012 .
    I need to make custom authorization system based on database using ado.net technology
    so that if any one can helping by resources or source code or write source code or steps
    after login success load
    I need before any page on app open check or validate role
    if have true on status on user_roles table than open page
    if not redirect to page access is denied .
    so what i do after login success ?
    meaning what action event executed and where handle access to action or access denied after login success .

    What I have tried:

    I create 3 tables
    User_roles (userid from users table ,roleid from role table)
    User_roles table
    userid roleid pagenam status
    michel Administration accounts.aspx true

            public ActionResult Login(LoginView loginView, string ReturnUrl = "")  
                if (ModelState.IsValid)  
                    if (Membership.ValidateUser(loginView.UserName, loginView.Password))  
                        var user = (CustomMembershipUser)Membership.GetUser(loginView.UserName, false);  
                        if (user != null)  
                            CustomSerializeModel userModel = new Models.CustomSerializeModel()  
                                UserId = user.UserId,  
                                FirstName = user.FirstName,  
                                LastName = user.LastName,  
                                RoleName = user.Roles.Select(r => r.RoleName).ToList()  
                            string userData = JsonConvert.SerializeObject(userModel);  
                            FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket  
                                1, loginView.UserName, DateTime.Now, DateTime.Now.AddMinutes(15), false, userData  
                            string enTicket = FormsAuthentication.Encrypt(authTicket);  
                            HttpCookie faCookie = new HttpCookie("Cookie1", enTicket);  
                        if (Url.IsLocalUrl(ReturnUrl))  
                            return Redirect(ReturnUrl);  
                            return RedirectToAction("Index");  
                ModelState.AddModelError("", "Something Wrong : Username or Password invalid ^_^ ");  
                return View(loginView);  

    Sunday, November 3, 2019 2:55 AM

All replies