Mvc 5 role based redirection

Question

0.00/5 (No votes)

See more:

I have designed a basic application that has 3 roles:

* Admin
* Clerk
* Donor

On startup of the project the user is directed to the Login/Register view. If a user login as an admin he should be redirect to the admin view that has an AdminLayoutPage.cshtml. If a donor login he should be redirected to the Donor view with DonorLayoutPage.cshtml. However I dont get the desired result. I have tried methods in the login controller to validate:

[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public async Task<actionresult> Login(LoginViewModel model, string returnUrl)
{
if (ModelState.IsValid)
{
var user = await UserManager.FindAsync(model.UserName, model.Password);
if (user != null && User.IsInRole("Admin"))
{
await SignInAsync(user, model.RememberMe);
return RedirectToLocal(returnUrl);
}
else
{
ModelState.AddModelError("", "Invalid username or password.");
}
}

// If we got this far, something failed, redisplay form
return View(model);
}

Posted 12-Aug-14 2:23am

ZainNabi

Updated 12-Aug-14 2:25am

v2

Add a Solution

Comments

Nathan Minier 12-Aug-14 8:38am

Your issue is more likely in your Role Provider than in your controller. This article hits all the points of how to wire up a role provider:
http://www.codeproject.com/Articles/607392/Custom-Role-Providers

ZainNabi 12-Aug-14 9:10am

As per the link above, I see that FormsAuthentication is being used rather that identity

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Dave Kreskowiak · Accepted Answer · 2014-08-12T03:46:00

OK, so how are you tracking who is in what role? If you're using the default provider and database then this code should work unless the user is not in the Admin role.

My personal opinion is to RedirectToAction that shows the Admin view instead of RedirectToLocal. That way you don't have to worry about URLs at all.

And what's with all the damn Async stuff on what is, by nature, a synchronous operation in the first place??