How do I specify the user who logs into my app in my custom principal

  • Question

  • User-2097295820 posted

    During my personal study online, I was able to learn how to do a custom principal. Now I have been learning how to use an Authorize attribute.

    I have different kinds of administrators which include SuperAdmin, Moderator and Operator.

    So I want to be able to specify some controllers to be strictly for SuperAdmin and Moderator Admin, so that an Operator user would not access the controllers that are meant for the Super Admin user. I really don't know how to do this since I am using a custom principal.

    I will paste my custom principal code; maybe I could get help here.

    public class CustomPrincipal : ICustomPrincipal
    {
        public IIdentity Identity { get; private set; }
        //Always returns false, so [Authorize(Roles = "...")] rejects every user of this principal
        public bool IsInRole(string role) { return false; }
        public CustomPrincipal(string username, string roles)
        {
            //GenericIdentity's second parameter is the authentication type, not a role list
            this.Identity = new GenericIdentity(username, roles);
        }
        public int UserID { get; set; }
        public string Username { get; set; }
        public string Email { get; set; }
        public string Admintype { get; set; }
        public int ActivityID { get; set; } //This is needed during the logout / signout process
        public int Client_CompanyID { get; set; } //This value would tie the users to the companies that they fall under
        public byte[] EncryptionKey { get; set; } //Assigned from Global.asax below; the byte[] type is an assumption
        public byte[] VerificationKey { get; set; }
    }
    Global.asax code

    using System.Diagnostics;
    using System.Web;
    using System.Web.Script.Serialization;
    using System.Web.Security;

    protected void Application_PostAuthenticateRequest(Object sender, EventArgs e)
    {
        HttpCookie cookie = Request.Cookies[FormsAuthentication.FormsCookieName];
        if (cookie != null)
        {
            FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(cookie.Value);
            JavaScriptSerializer serializer = new JavaScriptSerializer();
            Debug.WriteLine("This is the username from the authentication ticket   " + authTicket.Name);
            if (authTicket.Name.Contains("_merchant_org_delivery"))
            {
                //This means that the login process was done by a company or organisation or delivery firm
                CustomPrincipalSerializeModel serializemodel = serializer.Deserialize<CustomPrincipalSerializeModel>(authTicket.UserData);
                if (serializemodel == null)
                {
                    Response.Write("Login process failed, Please go back try again !!");
                    return; //stop here rather than dereferencing the null model below
                }
                CustomPrincipal newUser = new CustomPrincipal(authTicket.Name, serializemodel.Admintype);
                newUser.UserID = serializemodel.UserID;
                newUser.Username = serializemodel.Username;
                newUser.ActivityID = serializemodel.ActivityID;
                newUser.Admintype = serializemodel.Admintype;
                newUser.Client_CompanyID = serializemodel.Client_CompanyID;
                newUser.Email = serializemodel.Email;
                newUser.EncryptionKey = serializemodel.EncryptionKey;
                newUser.VerificationKey = serializemodel.VerificationKey;
                HttpContext.Current.User = newUser;
            }
        }
    }
    My Controller login method
    I call this helper method after doing the login
        private void CreateAuthenticationTicket(int userid, string admintype, string username, string email, int activityid, int Client_CompanyID)
        {
            //Create the keys that would be used for encryption (KeyProvider and CryptoHelper are the poster's own helper classes)
            KeyProvider keys = new KeyProvider();
            keys.EncryptionKey = CryptoHelper.GenerateRandomBytes();
            keys.VerificationKey = CryptoHelper.GenerateRandomBytes();
            CustomPrincipalSerializeModel serialmodel = new CustomPrincipalSerializeModel();
            //Please note that all values stored in the custom principal are encrypted
            serialmodel.UserID = userid;
            serialmodel.Admintype = admintype;
            serialmodel.Username = username;
            serialmodel.Email = email;
            serialmodel.ActivityID = activityid;
            serialmodel.Client_CompanyID = Client_CompanyID;
            JavaScriptSerializer javascriptserializer = new JavaScriptSerializer();
            var userData = javascriptserializer.Serialize(serialmodel);
            username += "_merchant_org_delivery";  //We would use this string to differentiate cookie type at login stage
            FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1, username, DateTime.Now, DateTime.Now.AddMinutes(15), false, userData);
            string encTicket = FormsAuthentication.Encrypt(authTicket);
            HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket);
            cookie.HttpOnly = true;        //keep the ticket out of reach of page scripts
            Response.Cookies.Add(cookie);  //the ticket only reaches the browser once the cookie is added to the response
        }

    When using Authorize attribute

    I see stuff like [Authorize(User="admin")].

    Please, how do I set this from my code?

    I would like to be able to do something like [Authorize(User="Super Admin")] [Authorize="Moderator"].

    How do I go about this? I need help.

    Monday, November 30, 2015 4:32 PM
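An added example, not from the original post, showing one way to make [Authorize(Roles = "...")] work with a custom principal like the one above: IsInRole answers from the admin type handed in at login (the same (username, roles) constructor the Global.asax code calls), and the controller lists the admin types allowed. It assumes ICustomPrincipal extends IPrincipal (IPrincipal is used directly here) and that Admintype holds values such as "SuperAdmin", "Moderator" or "Operator".

```csharp
using System;
using System.Linq;
using System.Security.Principal;
using System.Web.Mvc;

// Principal that answers role checks from the admin type stored in the ticket at login.
public class CustomPrincipal : IPrincipal
{
    private readonly string[] roles;

    public IIdentity Identity { get; private set; }
    public int UserID { get; set; }
    public string Username { get; set; }
    public string Email { get; set; }
    public string Admintype { get; set; }
    public int ActivityID { get; set; }
    public int Client_CompanyID { get; set; }

    // GenericIdentity's second parameter is the authentication type, not the roles,
    // so the roles are kept separately; a comma-separated list ("SuperAdmin,Moderator") is accepted.
    public CustomPrincipal(string username, string roles)
    {
        Identity = new GenericIdentity(username, "Forms");
        this.roles = (roles ?? string.Empty)
            .Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries)
            .Select(r => r.Trim())
            .ToArray();
    }

    // AuthorizeAttribute calls this once for each role named in Roles = "...".
    public bool IsInRole(string role)
    {
        return roles.Contains(role, StringComparer.OrdinalIgnoreCase);
    }
}

// Only SuperAdmin and Moderator may reach any action here; an Operator gets a 401,
// which Forms authentication turns into a redirect to the login page.
[Authorize(Roles = "SuperAdmin,Moderator")]
public class SuperAdminController : Controller
{
    public ActionResult Index()
    {
        var user = (CustomPrincipal)User;   // set in Application_PostAuthenticateRequest
        return Content("Signed in as " + user.Username + " (" + user.Admintype + ")");
    }
}
```

Because the role list comes from the encrypted ticket's UserData, a user can only hold the admin type the server wrote at login; do not read it from anything the client can edit.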