form authentication using custom principle in asp.net mvc

Here's how I do it.
I decided to use IPrincipal instead of IIdentity because it means I don't have to implement both IIdentity and IPrincipal.
  1. Create the interface
    interface ICustomPrincipal : IPrincipal
{
    int Id { get; set; }
    string FirstName { get; set; }
    string LastName { get; set; }
}
  2. CustomPrincipal
    public class CustomPrincipal : ICustomPrincipal
{
    public IIdentity Identity { get; private set; }
    public bool IsInRole(string role) { return false; }

    public CustomPrincipal(string email)
    {
        this.Identity = new GenericIdentity(email);
    }

    public int Id { get; set; }
    public string FirstName { get; set; }
    public string LastName { get; set; }
}
  3. CustomPrincipalSerializeModel - for serializing custom information into userdata field in FormsAuthenticationTicket object.
    public class CustomPrincipalSerializeModel
{
    public int Id { get; set; }
    public string FirstName { get; set; }
    public string LastName { get; set; }
}
  4. LogIn method - setting up a cookie with custom information
    if (Membership.ValidateUser(viewModel.Email, viewModel.Password))
{
    var user = userRepository.Users.Where(u => u.Email == viewModel.Email).First();

    CustomPrincipalSerializeModel serializeModel = new CustomPrincipalSerializeModel();
    serializeModel.Id = user.Id;
    serializeModel.FirstName = user.FirstName;
    serializeModel.LastName = user.LastName;

    JavaScriptSerializer serializer = new JavaScriptSerializer();

    string userData = serializer.Serialize(serializeModel);

    FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(
             1,
             viewModel.Email,
             DateTime.Now,
             DateTime.Now.AddMinutes(15),
             false,
             userData);

    string encTicket = FormsAuthentication.Encrypt(authTicket);
    HttpCookie faCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket);
    Response.Cookies.Add(faCookie);

    return RedirectToAction("Index", "Home");
}
  5. Global.asax.cs - Reading cookie and replacing HttpContext.User object, this is done by overriding PostAuthenticateRequest
    protected void Application_PostAuthenticateRequest(Object sender, EventArgs e)
{
    HttpCookie authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];

    if (authCookie != null)
    {
        FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);

        JavaScriptSerializer serializer = new JavaScriptSerializer();

        CustomPrincipalSerializeModel serializeModel = serializer.Deserialize<CustomPrincipalSerializeModel>(authTicket.UserData);

        CustomPrincipal newUser = new CustomPrincipal(authTicket.Name);
        newUser.Id = serializeModel.Id;
        newUser.FirstName = serializeModel.FirstName;
        newUser.LastName = serializeModel.LastName;

        HttpContext.Current.User = newUser;
    }
}
  6. Access in Razor views
    @((User as CustomPrincipal).Id)
@((User as CustomPrincipal).FirstName)
@((User as CustomPrincipal).LastName)
and in code:
    (User as CustomPrincipal).Id
    (User as CustomPrincipal).FirstName
    (User as CustomPrincipal).LastName
I think the code is self-explanatory. If it isn't, let me know.
Additionally to make the access even easier you can create a base controller and override the returned User object (HttpContext.User):
public class BaseController : Controller
{
    protected virtual new CustomPrincipal User
    {
        get { return HttpContext.User as CustomPrincipal; }
    }
}
and then, for each controller:
public class AccountController : BaseController
{
    // ...
}
which will allow you to access custom fields in code like this:
User.Id
User.FirstName
User.LastName
But this will not work inside views. For that you would need to create a custom WebViewPage implementation:
public abstract class BaseViewPage : WebViewPage
{
    public virtual new CustomPrincipal User
    {
        get { return base.User as CustomPrincipal; }
    }
}

public abstract class BaseViewPage<TModel> : WebViewPage<TModel>
{
    public virtual new CustomPrincipal User
    {
        get { return base.User as CustomPrincipal; }
    }
}
Make it a default page type in Views/web.config:
 pageBaseType="Your.Namespace.BaseViewPage">
  
     namespace="System.Web.Mvc" />
     namespace="System.Web.Mvc.Ajax" />
     namespace="System.Web.Mvc.Html" />
     namespace="System.Web.Routing" />
and in views, you can access it like this:
@User.FirstName
@User.LastName

Comments

Post a Comment

Popular posts from this blog

storing byte array as column value in datatable using c#

This post covers following objective 1. How to declare and define datatable 2. Add columns at runtime 3. Add column to store byte array (image/file etc) //YOUR PHOTOGRAPH HERE MemoryStream ms = new MemoryStream(); argPhotograph.Save(ms, System.Drawing.Imaging.ImageFormat.Gif); //DECLARING DATATABLE DataTable dt = new DataTable ();   dt . Columns . Add ( "ID" ); dt . Columns . Add ( "Name" ); dt . Columns . Add ( "CreatedOn" , typeof ( DateTime )); dt . Columns . Add ( "Photograph" , typeof ( byte []));   //METHOD 1: ADDING DATA DataRow row = null; row = dt.NewRow(); row[ "ID"] = 1; row[ "Name"] = "Usman"; row[ "CreatedOn"] = DateTime.Now; row[ "Photograph"] = argPhotograph.ToArray(); dt.Rows.Add(row);  //METHOD 2: ADDING DATA dt.Row.Add( 1, "Usman", DateTime.Now, argPhotograph.ToArray());
Read more

post form data and bind with model : using jquery ajax in mvc

There are multiple ways of posting data from view to controller using jquery + ajax in mvc 1. post data by assigning parameters one by one and bind it with model manually 2. post data by serializing form and automatically binding with model 3. post data by assigning parameters one by one + making custom class and assigning data to its variables which are named similarly as that of model Method 1:     $.ajax({         url: "/Controller/SubmitAction",         type: "POST",         dataType: "text",         data: { name: _name, age: _age, id: _id },         success: function (response) {             alert("Success");         },         error: function () {             alert("Error");         }     }); public JsonResult SubmitAction(string name, string age, int id) {       try       {             Person obj = context.Person.FirstOrDefault(x=>x.id = id);             obj.Name = name;             obj.Age = age;
Read more

Htc sensation XL mobile not working with windows 7 or above, along with Htc sync software

Problem: Htc sensation XL connectivity issue with windows 7 or above + Htc sensation XL device detection issue with Android Studio + Htc sensation XL connectivity issue with Htc sync software Solution: For all of the above mentioned issues, please see steps below for smooth & successful activity. Please make sure that 1. In Pc, Htc sync software version 3.2.26 or 3.3.63 is installed. 2. Ur device is connected to PC via usb cable. 3. In mobile, change connectivity options from 'charging' to 'htc sync' 4. In Pc, goto device manager and see for hardware changes in order to see whether device is detected by Pc or not yet, If yes you are good to go, if not follow below mentioned steps 5. Run htc sync in compatible mode by going to properties and changing OS to windows vista, then re-run Htc sync software and re-connect from mobile to see if it detects changes or not, if yes we are good to go but if not see below 6. In Pc, install htc usb drivers fro
Read more