Getting role after login

Question

User761356933 posted

Hello. I am trying to get the role after login so I can redirect the user to the userdashboard and the admin to the admindashboard.

However when logging in as admin it is always returning false for the role of "Admin". Sorry for such a simple question, I am new to this and learning as I go.

  protected void LogIn(object sender, EventArgs e)
        {
            if (IsValid)
            {
                // Validate the user password
                var manager = Context.GetOwinContext().GetUserManager<ApplicationUserManager>();
                var signinManager = Context.GetOwinContext().GetUserManager<ApplicationSignInManager>();

                // This doen't count login failures towards account lockout
                // To enable password failures to trigger lockout, change to shouldLockout: true
                var result = signinManager.PasswordSignIn(textUsername.Value, textPassword.Value,false,shouldLockout: false);
            

                switch (result)
                {
                    case SignInStatus.Success:
                        var roleName = Context.GetOwinContext().Authentication.User.IsInRole("Admin");
                        

                        if (roleName)
                        {
                            IdentityHelper.RedirectToReturnUrl(Request.QueryString["~/pages/admin/adminland.aspx"], Response);
                        }
                        else
                        { 
                        IdentityHelper.RedirectToReturnUrl(Request.QueryString["~/pages/userland.aspx"], Response);
                }


                        break;
                    case SignInStatus.LockedOut:
                        Response.Redirect("/Account/Lockout");
                        break;
                    case SignInStatus.RequiresVerification:
                        Response.Redirect(String.Format("/Account/TwoFactorAuthenticationSignIn?ReturnUrl={0}&RememberMe={1}", 
                                                        Request.QueryString["ReturnUrl"]
                                                        ),
                                          true);
                        break;
                    case SignInStatus.Failure:
                    default:
                        dvMessage.InnerText = "Invalid Username and/or Password";
                    
                        dvMessage.Visible = true;
                        break;
                }
            }
        }

Answer 1

User-570626059 posted

I seem to have figured it out - seems I was trying to check authentication before sign in , so instead i used the username.text to find user id that way and then get the role using this

Answer 2

User283571144 posted

Hi BluSky28,

As you says, th  reason is user not completely signin or completed all authentication process in this stage.

So we couldn't get the Context.GetOwinContext().Authentication.User is null when you access it in the login method.

Here is a workaround, we could use the usermanager.FindAsync to find the user and check the user role.

More details, you could refer to below codes:

        protected void LogIn(object sender, EventArgs e)
        {
            if (IsValid)
            {
                // Validate the user password
                var manager = Context.GetOwinContext().GetUserManager<ApplicationUserManager>();
                var signinManager = Context.GetOwinContext().GetUserManager<ApplicationSignInManager>();

                // This doen't count login failures towards account lockout
                // To enable password failures to trigger lockout, change to shouldLockout: true
                var result = signinManager.PasswordSignIn(Email.Text, Password.Text, RememberMe.Checked, shouldLockout: false);
                switch (result)
                {
                    case SignInStatus.Success:
                        var roleName = Context.GetOwinContext().Authentication.User.IsInRole("Admin");
                        var user = manager.FindAsync(Email.Text, Password.Text).Result;
                        var roles = manager.GetRolesAsync(user.Id).Result;
                         if (roles.Contains("Admin"))
                            break; // << I always hit this line - even if the user is an Admin
                        IdentityHelper.RedirectToReturnUrl(Request.QueryString["ReturnUrl"], Response);
                        break;
                    case SignInStatus.LockedOut:
                        Response.Redirect("/Account/Lockout");
                        break;
                    case SignInStatus.RequiresVerification:
                        Response.Redirect(String.Format("/Account/TwoFactorAuthenticationSignIn?ReturnUrl={0}&RememberMe={1}", 
                                                        Request.QueryString["ReturnUrl"],
                                                        RememberMe.Checked),
                                          true);
                        break;
                    case SignInStatus.Failure:
                    default:
                        FailureText.Text = "Invalid login attempt";
                        ErrorMessage.Visible = true;
                        break;
                }
            }
        }

Result:

Best Regards,

Brando