Friday, 24 May 2013

Custom ASP.NET MVC Authorize Attribute

AuthorizeAttribute allows you to secure controller actions. The Authorize attribute lets you indicate that authorization is restricted to predefined roles or to individual users. This gives you a high degree of control over who is authorized to view any page on the site.


public class CustomAuthorizeAttribute : AuthorizeAttribute
    {
        // Custom property as you can get Page name which is passed from controller
        public string AccessLevel { get; set; }
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            if (httpContext == null)
                throw new ArgumentNullException("httpContext");

            if (!httpContext.User.Identity.IsAuthenticated)
                return false;
            else
            {
                //Check Roles
                HttpCookie authCookie =          httpContext.Request.Cookies[FormsAuthentication.FormsCookieName];
                if (authCookie == null || authCookie.Value == "")
                {
                }
                FormsAuthenticationTicket authTicket = null;
                try
                {
                    authTicket = FormsAuthentication.Decrypt(authCookie.Value);
                }
                catch
                {
                }        
                // retrieve roles from UserData
                string[] roles = authTicket.UserData.Split(';');
            }                
            return true;
    }


Here I just override the AuthorizeCore methods of AuthorizeAttribute class. Now, you have to decorate your controller or action with this custom attribute

[CustomAuthorize(AccessLevel = "DemoIndex")]
 public ActionResult DemoIndex()
{
       return View();
}


You can redirect an unauthorised user in your custom AuthorisationAttribute by overriding the HandleUnauthorizedRequest method:

protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
    {
        filterContext.Result = new RedirectToRouteResult(
                    new RouteValueDictionary(
                        new
                            { 
                                controller = "Error", 
                                action = "Unauthorised" 
                            })
                    );
    }

Thursday, 23 May 2013

Playing with Jquery Cookie in Chrome and All broswers



When i trying to store value in Local Store means in browser then I have got Good solution by using $.Cookie. But when I Have started to work with it then its working fine in with Mozilla and IE. But when I have started to work in chrome then I have got problem to set and get Cookie through $.cookie. Then I have got a very good solution to Store cookie value in Local Browser by Using jquery.Storage.js($.Storage) and Its solved my problem with ease.

Code : 

<script src="js/jquery-1.9.1.js" language="javascript" type="text/javascript"></script>
<script src="js/jquery.cookie.js" language="javascript" type="text/javascript"></script>
<script src="js/jquery.Storage.js" language="javascript" type="text/javascript"></script>

var isChrome = navigator.userAgent.toLowerCase().indexOf('chrome') > -1;

//get cookies
var Flag=(isChrome)?$.Storage.get("Flag"):$.cookies.get("Flag");

//set cookies
if(isChrome)$.Storage.set("Flag", "1");else $.cookies.set("Flag", "1");