Question:

Where exactly in the account controller should I check if a user is in a specific role after login?

c# asp.net entity-framework asp.net-mvc-5

109 views

1 answer

36 Author reputation

Hello, I am trying to create a simple ban system where, if you have the role "Banned" and you try to log in, it should log you out.

The problem is I don't know where exactly in the account controller to check if you are in the "Banned" role.

    // POST: /Account/Login
    [HttpPost]
    [AllowAnonymous]
    [ValidateAntiForgeryToken]
    public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
    {
        if (!ModelState.IsValid)
        {
            return View(model);
        }
        // This doesn't count login failures towards account lockout
        // To enable password failures to trigger account lockout, change to shouldLockout: true
        var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: false);

        switch (result)
        {
            case SignInStatus.Success:
                if (User.IsInRole("Banned"))
                {
                    FormsAuthentication.SignOut();
                }
                return RedirectToLocal(returnUrl);
            case SignInStatus.LockedOut:
                return View("Lockout");
            case SignInStatus.RequiresVerification:
                return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
            case SignInStatus.Failure:
            default:
                ModelState.AddModelError("", "Invalid login attempt.");
                return View(model);
        }
    }

I tried putting it below

case SignInStatus.Success:

But it didn't work. I am very new to ASP.NET MVC and any help would be appreciated.

EDIT: Tried editing the SignInManager, but it didn't have an effect.

    public virtual async Task<SignInStatus> PasswordSignInAsync(string userName, string password, bool isPersistent, bool shouldLockout)
    {
        if (this.UserManager == null)
            return SignInStatus.Failure;
        TUser user = await this.UserManager.FindByNameAsync(userName).WithCurrentCulture<TUser>();
        if ((object)user == null)
            return SignInStatus.Failure;
        if (this.UserManager.IsInRole(user.Id, "Banned"))
        {
            return SignInStatus.Failure;
        }
        if (await this.UserManager.IsLockedOutAsync(user.Id).WithCurrentCulture<bool>())
            return SignInStatus.LockedOut;
        if (await this.UserManager.CheckPasswordAsync(user, password).WithCurrentCulture<bool>())
        {
            IdentityResult identityResult = await this.UserManager.ResetAccessFailedCountAsync(user.Id).WithCurrentCulture<IdentityResult>();
            return await this.SignInOrTwoFactor(user, isPersistent).WithCurrentCulture<SignInStatus>();
        }
        if (shouldLockout)
        {
            IdentityResult identityResult = await this.UserManager.AccessFailedAsync(user.Id).WithCurrentCulture<IdentityResult>();
            if (await this.UserManager.IsLockedOutAsync(user.Id).WithCurrentCulture<bool>())
                return SignInStatus.LockedOut;
        }
        return SignInStatus.Failure;
    }

Author: Thenis Posted: 22.08.2016 08:17

Answers (1)


0 upvotes

2663 Author reputation

MVC doesn't really have an easy, built-in way to do what you're requesting. It has the AuthorizeAttribute class which you can use on a controller or an action method. It allows you to specify either the users or roles that are allowed access, but it sounds like you want to do the opposite.

The problem with the code you've provided is that you would need to include it in every single action method and that would get ugly fast.

If you really want to pursue this approach, and I'm not sure it's a good one, you could write your own FilterAttribute class.

Hope this gets you started in the right direction.

Author: Doug Clutter Posted: 22.08.2016 08:31
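
An added example, not part of the question or the answer above: one way to apply the ban at login is to look the role up in the user store before signing in, because `User.IsInRole` in the question inspects the principal of the current request, which is still anonymous while the login POST runs. It assumes the MVC 5 template's `AccountController` (its `UserManager` and `SignInManager` properties, `LoginViewModel`, `RedirectToLocal`).

```csharp
// Added example: replaces the Login action in the MVC 5 template's AccountController.
// Assumed from that template: the UserManager and SignInManager properties,
// LoginViewModel, RedirectToLocal, and the usings for System.Threading.Tasks,
// System.Web.Mvc, Microsoft.AspNet.Identity and Microsoft.AspNet.Identity.Owin.

// POST: /Account/Login
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    // Query the user store for the role before any cookie is issued.
    // The identity created by PasswordSignInAsync only becomes the request's
    // User on the next request, so User.IsInRole("Banned") is false here.
    var user = await UserManager.FindByNameAsync(model.Email);
    if (user != null && await UserManager.IsInRoleAsync(user.Id, "Banned"))
    {
        // Same generic error as a wrong password, so the response does not
        // tell someone guessing e-mail addresses which accounts are banned.
        ModelState.AddModelError("", "Invalid login attempt.");
        return View(model);
    }

    var result = await SignInManager.PasswordSignInAsync(
        model.Email, model.Password, model.RememberMe, shouldLockout: false);

    switch (result)
    {
        case SignInStatus.Success:
            return RedirectToLocal(returnUrl);
        case SignInStatus.LockedOut:
            return View("Lockout");
        case SignInStatus.RequiresVerification:
            return RedirectToAction("SendCode",
                new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
        case SignInStatus.Failure:
        default:
            ModelState.AddModelError("", "Invalid login attempt.");
            return View(model);
    }
}
```

This only blocks new sign-ins: a user who is banned while already signed in keeps a valid cookie. Calling `UserManager.UpdateSecurityStampAsync(user.Id)` when the ban is applied invalidates that cookie at the next security-stamp validation, provided the cookie middleware is configured to validate the stamp, as the template's `Startup.Auth.cs` does.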