How do I specify the user who logs into my app in my custom principal

Question
User-2097295820 posted
During my personal study online, I was able to learn how to do a custom principal. Now I have been learning how to use an Authorize attribute.
I have different kinds of administrators, which include SuperAdmin, Moderator and Operator.
So I want to be able to specify some controllers to be strictly for SuperAdmin and Moderator Admin, so that an Operator user would not access the controllers that are meant for the Super Admin user. I really don't know how to do this since I am using a custom principal.
I would paste my custom principal code; maybe I could get help here.

    public class CustomPrincipal : ICustomPrincipal
    {
        public IIdentity Identity { get; private set; }

        public bool IsInRole(string role) { return false; }

        public CustomPrincipal(string username, string roles)
        {
            this.Identity = new GenericIdentity(username, roles);
        }

        public int UserID { get; set; }
        public string Username { get; set; }
        public string Email { get; set; }
        public string Admintype { get; set; }
        public int ActivityID { get; set; }       // This is needed during the logout / signout process
        public int Client_CompanyID { get; set; } // This value would tie the users to the companies that they fall under
    }

Global.asax code:

    protected void Application_PostAuthenticateRequest(Object sender, EventArgs e)
    {
        HttpCookie cookie = Request.Cookies[FormsAuthentication.FormsCookieName];
        if (cookie != null)
        {
            FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(cookie.Value);
            JavaScriptSerializer serializer = new JavaScriptSerializer();
            Debug.WriteLine("This is the username from the authentication ticket " + authTicket.Name);
            if (authTicket.Name.Contains("_merchant_org_delivery"))
            {
                // This means that the login process was done by a company or organisation or delivery firm
                CustomPrincipalSerializeModel serializemodel = serializer.Deserialize<CustomPrincipalSerializeModel>(authTicket.UserData);
                if (serializemodel == null)
                {
                    Response.Write("Login process failed, Please go back try again !!");
                    return;
                }
                CustomPrincipal newUser = new CustomPrincipal(authTicket.Name, serializemodel.Admintype);
                newUser.UserID = serializemodel.UserID;
                newUser.Username = serializemodel.Username;
                newUser.ActivityID = serializemodel.ActivityID;
                newUser.Admintype = serializemodel.Admintype;
                newUser.Client_CompanyID = serializemodel.Client_CompanyID;
                newUser.Email = serializemodel.Email;
                newUser.EncryptionKey = serializemodel.EncryptionKey;
                newUser.VerificationKey = serializemodel.VerificationKey;
                HttpContext.Current.User = newUser;
            }
        }
    }

My controller login method. I call this helper method after doing the login:

    [NonAction]
    private void CreateAuthenticationTicket(int userid, string admintype, string username, string email, int activityid, int Client_CompanyID)
    {
        // Create the keys that would be used for encryption
        KeyProvider keys = new KeyProvider();
        keys.EncryptionKey = CryptoHelper.GenerateRandomBytes();
        keys.VerificationKey = CryptoHelper.GenerateRandomBytes();

        CustomPrincipalSerializeModel serialmodel = new CustomPrincipalSerializeModel();
        // Please note that all values stored in the custom principal are encrypted
        serialmodel.UserID = userid;
        serialmodel.Admintype = admintype;
        serialmodel.Username = username;
        serialmodel.Email = email;
        serialmodel.ActivityID = activityid;
        serialmodel.Client_CompanyID = Client_CompanyID;

        JavaScriptSerializer javascriptserializer = new JavaScriptSerializer();
        var userData = javascriptserializer.Serialize(serialmodel);
        username += "_merchant_org_delivery"; // We would use this string to differentiate cookie type at login stage

        FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1, username, DateTime.Now, DateTime.Now.AddMinutes(15), false, userData);
        string encTicket = FormsAuthentication.Encrypt(authTicket);
        HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket);
        Response.Cookies.Add(cookie);
    }

When using Authorize attribute
I stuffs like [Authorize(User="admin")]
Please, how do I set this from my code?
I would like to be able to do something like: [Authorize(User="Super Admin")] [Authorize="Moderator"]
How do I go about this? I need help.
Monday, November 30, 2015 4:32 PM
Answers
User1779161005 posted
If you're using .NET 4.5 or above, you should not use custom principals. Instead use ClaimsPrincipal and add your custom "stuff" as claims. If you want strongly typed access to those claims, use extension methods on ClaimsPrincipal.
Here's a bit of a starter on how you might go about it: http://brockallen.com/2013/01/17/adding-custom-roles-to-windows-roles-in-asp-net-using-claims/
- Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
Monday, November 30, 2015 4:39 PM
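
The approach the answer describes, sketched for the Forms-authentication setup in the question as an added example (not code from either poster or from the linked article): the admin type travels as a `ClaimTypes.Role` claim, which is what `IsInRole` and `[Authorize(Roles = ...)]` evaluate. The claim type URI, `AdminController` and the trimmed `CustomPrincipalSerializeModel` are assumptions made for the example.

```csharp
using System;
using System.Security.Claims;
using System.Web;
using System.Web.Mvc;
using System.Web.Script.Serialization;
using System.Web.Security;

// Assumed shape of the ticket payload (only the fields used here).
public class CustomPrincipalSerializeModel
{
    public string Admintype { get; set; }      // "SuperAdmin", "Moderator" or "Operator"
    public int Client_CompanyID { get; set; }
}
// Strongly typed access to a custom claim through an extension method.
public static class ClaimsPrincipalExtensions
{
    public const string CompanyIdClaim = "urn:example:client_company_id"; // hypothetical claim type
    public static int? GetClientCompanyId(this ClaimsPrincipal user)
    {
        Claim c = user.FindFirst(CompanyIdClaim);
        int id;
        return c != null && int.TryParse(c.Value, out id) ? id : (int?)null;
    }
}
public class MvcApplication : HttpApplication
{
    protected void Application_PostAuthenticateRequest(object sender, EventArgs e)
    {
        HttpCookie cookie = Request.Cookies[FormsAuthentication.FormsCookieName];
        if (cookie == null || string.IsNullOrEmpty(cookie.Value)) return;
        FormsAuthenticationTicket ticket;
        CustomPrincipalSerializeModel model;
        try
        {
            ticket = FormsAuthentication.Decrypt(cookie.Value);
            if (ticket == null || ticket.Expired) return;
            model = new JavaScriptSerializer().Deserialize<CustomPrincipalSerializeModel>(ticket.UserData);
        }
        catch (Exception) { return; }   // tampered or malformed cookie: request stays anonymous
        if (model == null || string.IsNullOrEmpty(model.Admintype)) return;
        var identity = new ClaimsIdentity("Forms");   // authentication type set, so IsAuthenticated is true
        identity.AddClaim(new Claim(ClaimTypes.Name, ticket.Name));
        identity.AddClaim(new Claim(ClaimTypes.Role, model.Admintype));   // read by IsInRole
        identity.AddClaim(new Claim(ClaimsPrincipalExtensions.CompanyIdClaim, model.Client_CompanyID.ToString()));
        HttpContext.Current.User = new ClaimsPrincipal(identity);
    }
}

[Authorize(Roles = "SuperAdmin,Moderator")]   // an Operator fails IsInRole and is refused
public class AdminController : Controller { public ActionResult Index() { return Content("admin area"); } }
```

The role value is only as trustworthy as the ticket it came from, so it should be set server-side at login and never taken from request input.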