Custom Authentication and Authorization

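System.Web.Http.AuthorizeAttribute for Web API

System.Web.Mvc.AuthorizeAttribute for MVC (the class below derives from this one: AuthorizeCore(HttpContextBase) and AuthorizationContext are the MVC types)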

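/// <summary>
/// MVC authorization filter skeleton. The application-specific check is not
/// implemented yet, so <see cref="AuthorizeCore"/> denies every request.
/// </summary>
/// <remarks>
/// MVC may cache and reuse filter attribute instances across requests, so the
/// attribute keeps no per-request state. The original held a CPAContext in a
/// field (presumably an Entity Framework context, confirm); a context shared
/// between concurrent requests is not safe and was never disposed. When the
/// user lookup is added, open the context inside AuthorizeCore in a using block.
/// </remarks>
public class CustomAuthorizeAttribute : AuthorizeAttribute
{
    /// <summary>
    /// Decides whether the current request is authorized.
    /// </summary>
    /// <param name="httpContext">The HTTP context of the request being checked.</param>
    /// <returns>
    /// Currently always <c>false</c>: the custom rule is still missing, so the
    /// filter fails closed.
    /// </returns>
    protected override bool AuthorizeCore(HttpContextBase httpContext)
    {
        // Run the built-in checks first (authenticated user, plus any Users/Roles
        // set on the attribute). Without this call those settings would be ignored
        // as soon as the custom rule below starts returning true.
        if (!base.AuthorizeCore(httpContext))
        {
            return false;
        }

        // The intended rule (a match of httpContext.User.Identity.Name against
        // ApplicationUsers.UserName) is still disabled in the original post.
        // Deny by default until it is implemented and tested.
        return false;
    }

    /// <summary>
    /// Produces the response for a request that failed authorization.
    /// </summary>
    /// <param name="filterContext">The authorization context of the rejected request.</param>
    protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
    {
        // Not signed in: keep the framework default (HttpUnauthorizedResult, HTTP 401)
        // so the configured authentication mechanism can challenge the caller
        // instead of showing an "access denied" page to someone who has not logged in.
        if (!filterContext.HttpContext.Request.IsAuthenticated)
        {
            base.HandleUnauthorizedRequest(filterContext);
            return;
        }

        // Signed in but not allowed: send the user to the application's page.
        // NOTE(review): the target action must be reachable without this
        // attribute, otherwise the redirect loops. Confirm in HomeController.
        filterContext.Result = new RedirectResult("~/Home/Unauthorized");
    }
}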