Skip to main content

Custom Roles Base Authorization in ASP.NET MVC

Hello everyone, I am going to share the code sample to roles base authorization and authentication in ASP.Net MVC 5 using FilterAttribute and AspNetUserRoles.

The Steps detail as given below.

ASP.NET Forms Authentication

namespace Authorize.Controllers
{
    [Authorize]
    public class AccountController : Controller
    {
        [HttpPost]
        [AllowAnonymous]
        public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
        {
            if (ModelState.IsValid)
            {
                     int timeout = 525600; // Timeout in minutes, 525600 = 365 days.
                     string UserData = GetUserData(model);
                     //// Create and tuck away the cookie
                     FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1, model.UserName, DateTime.Now, DateTime.Now.AddDays(30), rememberMe, UserData, FormsAuthentication.FormsCookiePath);

                    //To encrypt FormsAuthenticationTicket ticket set the protection attribute of the forms element to All or Encryption.
                    string encTicket = FormsAuthentication.Encrypt(authTicket);

                    HttpCookie AuthCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket);
                    System.Web.HttpContext.Current.Response.Cookies.Add(AuthCookie);
                }
           }
        }
    }
}

Authorize controller by Roles

namespace Authorize.Controllers
{
    [CustomAuthorize(Roles = "Client")]
    public class UsageController : BaseController
    {

        /// <summary>
        /// This method is used to render dashboard view.
        /// </summary>
        public ActionResult Index()
        {
            return View();
        }
   }
}

CustomAuthorizeAttribute class using AuthorizeAttribute

namespace Authorize.Security
{
    public class CustomAuthorizeAttribute : AuthorizeAttribute
    {
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            AspDotNetUserRepository _aspNetRepo = new AspDotNetUserRepository();
            if (filterContext.HttpContext.Request.IsAuthenticated)
            {              
                var authorizedRoles = ConfigurationManager.AppSettings.Get("admin");
                Roles = String.IsNullOrEmpty(Roles) ? authorizedRoles : Roles;
             
                AspNetUser user = _aspNetRepo.GetAspNetUser(Convert.ToString(HttpContext.Current.User.Identity.Name));
                if (user != null)
                {
                    string userRole = _aspNetRepo.GetUserRole(Convert.ToString(user.Id));
                    if (!String.IsNullOrEmpty(userRole))
                    {
                        if (!userRole.Equals(Roles))
                        {
                            filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary { { "Controller", "Error" }, { "Action", "AccessDenied" } });   
                            FormsAuthentication.SignOut();
                            base.OnAuthorization(filterContext);//returns to AccessDenied page URL.     
                        }
                    }
                }
            }
        }
    }
}

App Settings for Roles

  <appSettings>
    <!-- For Authrization role -->
    <add key="admin" value="adminUser"/>
  </appSettings>



Labels

Labels:
By Anil Singh | Rating of this article (*****)

Popular posts from this blog

nullinjectorerror no provider for httpclient angular 17

In Angular 17 where the standalone true option is set by default, the app.config.ts file is generated in src/app/ and provideHttpClient(). We can be added to the list of providers in app.config.ts Step 1:   To provide HttpClient in a standalone app we could do this in the app.config.ts file, app.config.ts: import { ApplicationConfig } from '@angular/core'; import { provideRouter } from '@angular/router'; import { routes } from './app.routes'; import { provideClientHydration } from '@angular/platform-browser'; //This (provideHttpClient) will help us to resolve the issue  import {provideHttpClient} from '@angular/common/http'; export const appConfig: ApplicationConfig = {   providers: [ provideRouter(routes),  provideClientHydration(), provideHttpClient ()      ] }; The appConfig const is used in the main.ts file, see the code, main.ts : import { bootstrapApplication } from '@angular/platform-browser'; import { appConfig } from '
Read more

39 Best Object Oriented JavaScript Interview Questions and Answers

Most Popular 37 Key Questions for JavaScript Interviews. What is Object in JavaScript? What is the Prototype object in JavaScript and how it is used? What is "this"? What is its value? Explain why "self" is needed instead of "this". What is a Closure and why are they so useful to us? Explain how to write class methods vs. instance methods. Can you explain the difference between == and ===? Can you explain the difference between call and apply? Explain why Asynchronous code is important in JavaScript? Can you please tell me a story about JavaScript performance problems? Tell me your JavaScript Naming Convention? How do you define a class and its constructor? What is Hoisted in JavaScript? What is function overloadin
Read more

25 Best Vue.js 2 Interview Questions and Answers

What Is Vue.js? The Vue.js is a progressive JavaScript framework and used to building the interactive user interfaces and also it’s focused on the view layer only (front end). The Vue.js is easy to integrate with other libraries and others existing projects. Vue.js is very popular for Single Page Applications developments. The Vue.js is lighter, smaller in size and so faster. It also supports the MVVM ( Model-View-ViewModel ) pattern. The Vue.js is supporting to multiple Components and libraries like - ü   Tables and data grids ü   Notifications ü   Loader ü   Calendar ü   Display time, date and age ü   Progress Bar ü   Tooltip ü   Overlay ü   Icons ü   Menu ü   Charts ü   Map ü   Pdf viewer ü   And so on The Vue.js was developed by “ Evan You ”, an Ex Google software engineer. The latest version is Vue.js 2. The Vue.js 2 is very similar to Angular because Evan You was inspired by Angular and the Vue.js 2 components looks like -
Read more

55 Best TypeScript Interview Questions and Answers - JavaScript!

What Is TypeScript? By definition, "TypeScript is a typed superset of JavaScript that compiles to plain JavaScript." TypeScript is a superset of JavaScript which provides optional static typing, classes and interfaces. => The TypeScript was first made public in the year 2012. => Typescript is a modern age JavaScript development language. => TypeScript is a strongly typed, object oriented, compiled language. => TypeScript was designed by Anders Hejlsberg (designer of C#) at Microsoft. => TypeScript is both a language and a set of tools. As an Example of TypeScript, class Hello {     msg : string ;      constructor ( message : string ) {          this . msg = message ;      }       getMsg () {          return "Hello, " + this . msg ;      } } TypeScript introduced a great deal of syntax taken from object-oriented programming, including but not limited to: 1) Interfaces 2) Classes 3) Enumerated t
Read more

.NET Core MVC Interview Questions and Answers

» OOPs Interview Questions Object Oriented Programming (OOP) is a technique to think a real-world in terms of objects. This is essentially a design philosophy that uses a different set of programming languages such as C#... Posted In .NET » .Net Constructor Interview Questions A class constructor is a special member function of a class that is executed whenever we create new objects of that class. When a class or struct is created, its constructor is called. A constructor has exactly the same name as that of class and it does not have any return type… Posted In .NET » .NET Delegates Interview Questions Delegates are used to define callback methods and implement event handling, and they are declared using the "delegate" keyword. A delegate in C# is similar to function pointers of C++, but C# delegates are type safe… Posted In .NET » ASP.Net C# Interview Questions C# was developed by Microsoft and is used in essentially all of their products. It is mainly used for
Read more