How to apply ldap authuntication to prevent user from access any page on web application without login ?

Ahmed Salah Abed Elaziz 390 Reputation points
2023-04-12T03:20:03.1266667+00:00

I work on blazor server side . i face issue i can't force user to redirect to login page if he write any page of application so if user try access dashboard page it will open it so what i need is to prevent access dashboard without make login so i need to force user to redirect to login page if he not have user name and password if(url= www.union.com/dashboard) redirect to login if user not authenticated i using ladp authentication so what i do prevent user from access dashboard page if he not authenticated meaning if he try access dashboard page from browser without login then redirect to login page dashboard.razor @Code Plus Code @code


    public class LdapAuthentication
    {
        private string _path;
        private string _filterAttribute;

        public LdapAuthentication(string path)
        {
            _path = path;
        }
        public bool IsAuthenticated(string domain, string username, string pwd)
        {
            string domainAndUsername = domain + @"\" + username;
            DirectoryEntry entry = new DirectoryEntry(_path, domainAndUsername, pwd);



            try
            {
                //Bind to the native AdsObject to force authentication.
                object obj = entry.NativeObject;



                DirectorySearcher search = new DirectorySearcher(entry);



                search.Filter = "(xxxx=" + username + ")";
                search.PropertiesToLoad.Add("cn");
                SearchResult result = search.FindOne();



                if (null == result)
                {
                    return false;
                }



                //Update the new path to the user in the directory.
                _path = result.Path;
                _filterAttribute = (string)result.Properties["cn"][0];
            }
            catch (Exception ex)
            {
                return false;
                // throw new Exception("Error authenticating user. " + ex.Message);

            }



            return true;
        }

        public string GetGroups()
        {
            DirectorySearcher search = new DirectorySearcher(_path);
            search.Filter = "(cn=" + _filterAttribute + ")";
            search.PropertiesToLoad.Add("memberOf");
            StringBuilder groupNames = new StringBuilder();



            try
            {
                SearchResult result = search.FindOne();
                int propertyCount = result.Properties["memberOf"].Count;
                string dn;
                int equalsIndex, commaIndex;



                for (int propertyCounter = 0; propertyCounter < propertyCount; propertyCounter++)
                {
                    dn = (string)result.Properties["memberOf"][propertyCounter];
                    equalsIndex = dn.IndexOf("=", 1);
                    commaIndex = dn.IndexOf(",", 1);
                    if (-1 == equalsIndex)
                    {
                        return null;
                    }
                    groupNames.Append(dn.Substring((equalsIndex + 1), (commaIndex - equalsIndex) - 1));
                    groupNames.Append("|");
                }
            }
            catch (Exception ex)
            {
                throw new Exception("Error obtaining group names. " + ex.Message);
            }
            return groupNames.ToString();
        }
        public  bool userexists( string strUserName,string domain ) 
        {
            bool result = false;
            using (DirectorySearcher searcher = new DirectorySearcher(_path))
            {
                try
                {
                    searcher.Filter = "(xxxx=" + strUserName + ")"; 

                    using (SearchResultCollection results = searcher.FindAll())
                    {
                        if (results.Count > 0)
                        {
                            result = true;
                        }

                    }
                }
                catch (Exception e)
                {
                    result = false;
                }
            }
            return result;
        }


    }
}







public async Task<ResponseModel> Login(UserDto request)
        {
            try
            {
                var UserhasPermission =  _UsersRepository.GetList(x => x.UserName == request.UserName).FirstOrDefault();

                if (UserhasPermission != null)
                {
                    if((bool)UserhasPermission.IsActive)
                    {
                        string adPath = "xxxx";
                        var adAuth = new LdapAuthentication(adPath).IsAuthenticated("xxxx", request.UserName, request.Password);
                        if (adAuth)
                        {

                            
                            UserResponseDto obj = new UserResponseDto();
                            obj.UserName = request.UserName;
                            obj.UserId = UserhasPermission.ID;
                            obj.UserRole = UserhasPermission.UserRoll;
                            
                            _response.Success(obj);
                        }

                        else
                            _response.Failed("User name or password is not correct, Kindly try Again");
                    }
                    else
                        _response.Failed("This user not Active");
                }
                else
                    _response.Failed("This user does not Registeration, Kindly try Register First");

                return _response;
            }
            catch (Exception ex)
            {
                throw ex;
            }
        }
ASP.NET Core
ASP.NET Core
A set of technologies in the .NET Framework for building web applications and XML web services.
4,237 questions
Blazor
Blazor
A free and open-source web framework that enables developers to create web apps using C# and HTML being developed by Microsoft.
1,419 questions
{count} votes