Custom Authentication and Authorization

System.Web.Http.AuthorizeAttribute for WEB API

System.Web.Mvc.AuthorizeAttribute. for MVC

public class CustomAuthorizeAttribute : AuthorizeAttribute
        private readonly CPAContext db = new CPAContext();

        protected override bool AuthorizeCore(HttpContextBase httpContext)
            var username = httpContext.User.Identity.Name;
          //  var test = this.Roles;
            //var isAuthorized = db.ApplicationUsers.Any(u => u.UserName.ToLower() == username.ToLower());
            return false;

        protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
            //filterContext.Result = new HttpUnauthorizedResult(); // Try this but i'm not sure
            filterContext.Result = new RedirectResult("~/Home/Unauthorized");

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s