Donate

Custom AuthorizeAttribute Class In ASP.NET MVC

-
Hello All!
In ASP.NET MVC projects, you would normally handle Unauthorized users if they access to a page in which they don't have access to. To do this I have a custom class that inherits the AuthorizeAttribute class. This class was take from accepted answers in stackoverflow with some modifications according to my needs for the project.
Here's the complete AuthorizeUser class.
using System.Configuration;
using System.Web.Mvc;

namespace AuthenticationDemo
{
    public class AuthorizeUsersAttribute : AuthorizeAttribute
    {
        private string redirectUrl = "";

        public string NotifyUrl
        {
            get { return redirectUrl; }
            set { redirectUrl = value; }
        }

        public AuthorizeUsersAttribute()
            : base()
        {
        }

        public AuthorizeUsersAttribute(string redirectUrl)
            : base()
        {
            this.redirectUrl = redirectUrl;
        }

        protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
        {
            //passed from attribute NotifyUrl Property
            string authUrl = this.redirectUrl;

            //if null, get it from web.config
            if (string.IsNullOrEmpty(authUrl))
                authUrl = ConfigurationManager.AppSettings["RolesAuthRedirectUrl"];

            if (!string.IsNullOrEmpty(authUrl))
                filterContext.HttpContext.Response.Redirect(authUrl);

            base.HandleUnauthorizedRequest(filterContext);
        }

        public override void OnAuthorization(AuthorizationContext context)
        {
            if (context.HttpContext.Request.IsAuthenticated)
            {
                if (!context.HttpContext.User.IsInRole(this.Roles))
                    HandleUnauthorizedRequest(context);
            }
            else
            {
                HandleUnauthorizedRequest(context); 
            }
        }
    }
}
In web.config which is located at the root of the project, define the key/value for RolesAuthRedirectUrl element. 
<appSettings>
 <add key="RolesAuthRedirectUrl" value="~/Error/Http404"/>
</appSettings>
The base controller class is defined as follows. This has the methods for UnauthorizedError() and Http404(). Make sure that your controllers inherit this class. 
using System.Web.Mvc;
namespace AuthenticationDemo
{
    [AllowAnonymous]
    public class ErrorController : Controller
    {
        public ActionResult UnauthorizedError()
        {
            //Add some codes here... 
            return View(model);
        }
  
 public ActionResult Http404()
        {
            //Add some codes here... 
            return View(model);
        }
    }
}
In the controller, decorate your ActionResult Methods with the custom attribute class. 
[HttpGet]
[AuthorizeUsers(Roles = "Admin", NotifyUrl = "/Error/UnauthorizedError")]
public ActionResult GetEmployeeFinancialRecords()
{
  //Add some codes here...  
  return View();
}

Comments

Post a Comment

Donate

Popular Posts From This Blog

WPF CRUD Application Using DataGrid, MVVM Pattern, Entity Framework, And C#.NET

-
Image
Good day to all! Here's an example of a WPF CRUD (Create,Update and Delete) project using the DataGrid control, ADO.NET Entity Framework 6.x, C#.NET and Model–View–Viewmodel(MVVM) architectural pattern. This post was based from this tutorial WPF CRUD With DataGrid, Entity Framework And C#.NET except that we are now using the MVVM framework. The steps below are pretty straightforward and easy to follow. I. Project Setup 1. Add a table called Students in you database. The complete script is found in this post WPF CRUD With DataGrid, Entity Framework And C#.NET 2. Create a WPF Project and add four folders called DataAccess, Model, View and ViewModel. 3. Your project structure may look similar with the screenshot provided below. II. Coding The Model and Repository Class 1. Inside the Model folder, add an ADO.NET Entity Data Model that connects to the Students table in your database. On my part, I named it StudentModel . 2. For the connectionstring name in App.config file, I
Read more

How To Insert Or Add Emojis In Microsoft Teams Status Message

-
Image
Good day Gents! I was trying to update my Microsoft Teams status and was wondering if I can add or insert emoji. For editing or adding new teams status, only text fields are available and there's no emoji icon similar to writing a teams message. After googling for a few minutes, I found this link Emoji's in status which is a feature request in Microsoft Teams User's Voice Forum. So far this upgrade request only has thirty votes which is relatively small and may be considered a low priority for the product team to implement. Given the limitations at hand, I tried several approach including copying an emoji in a chat message which didn't work and later found a solution using Microsoft Outlook 365. First is to create a new email message in Microsoft Outlook and press (Window Key + .). The emoji dropdown control will appear. Next is to select the emoji that you wanted to add to Teams. Copy the emoji from the newly created email message template and paste that to Micr
Read more

Pass GUID As Parameter To Action Using ASP.NET MVC ContribGrid

-
Hi, In a scenario where in you want to pass a GUID object to an Action Parameter, the parameter might contain a null value. Since Guid is not nullable, you can't simply just pass it to an action parameter because Action parameters require nullable and reference types. You might encounter an error like this: An optional parameter must be a reference type, a nullable type, or be declared as an optional parameter Assuming you have an aspx view below: <div> <% Html.Grid(Model).Columns (c => { c.For(m => m.Price); c.For(m => m.ProductName); c.For(m => m.ProductID); c.For( "View Person" ).Named( "" ).Action(m => { %> <td> <%= Html.ActionLink( "View Person" , "ProductDetail" , "Home" , new { @id = m.ProductID.ToString() }) %> </td> <% }); %> <% }).Render(); %> </div> and an action
Read more