
@ntotten
Created March 3, 2011 21:05
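/// <summary>
/// Signs administrators in through the Facebook OAuth dialog and issues a
/// forms-authentication cookie keyed on the Facebook user id.
/// </summary>
[Export]
[PartCreationPolicy(CreationPolicy.NonShared)]
public class AccountController : Controller
{
    const string appId = "188070564565375";

    // NOTE(review): a client secret compiled into the assembly ends up in source
    // control and in every build artifact. Load it from protected configuration
    // and rotate any value that was ever committed.
    const string appSecret = "<app_secret>";

    // **************************************
    // URL: /Account/LogOn
    // **************************************

    /// <summary>
    /// Sends the browser to the Facebook OAuth dialog.
    /// </summary>
    /// <param name="returnUrl">Page to return to after sign-in; carried in the OAuth <c>state</c> parameter.</param>
    /// <returns>A redirect to the Facebook authorization endpoint.</returns>
    public ActionResult LogOn(string returnUrl)
    {
        // NOTE(review): `state` carries the return URL here rather than an
        // unguessable per-session value, so the callback cannot tell whether it
        // was initiated by this browser (login CSRF). Binding a random value to
        // the session and checking it in OAuth() would close that gap.
        //
        // Every value is percent-encoded so that a return URL containing '&' or
        // '#' cannot add or override parameters of the authorization request.
        var authorizeUrl = String.Format(
            "https://www.facebook.com/dialog/oauth?client_id={0}&redirect_uri={1}&state={2}",
            Uri.EscapeDataString(appId),
            Uri.EscapeDataString(BuildCallbackUrl()),
            Uri.EscapeDataString(returnUrl ?? String.Empty));

        return Redirect(authorizeUrl);
    }

    /// <summary>
    /// OAuth callback: exchanges the authorization code for an access token,
    /// looks up the Facebook user id and signs the user in if it is an admin id.
    /// </summary>
    /// <param name="code">Authorization code supplied on the callback request.</param>
    /// <param name="state">Return URL that was passed through the OAuth dialog.</param>
    /// <returns>
    /// A redirect to a local return URL on success; otherwise an
    /// <see cref="HttpUnauthorizedResult"/>.
    /// </returns>
    public ActionResult OAuth(string code, string state)
    {
        // Without a code there is nothing to exchange (for example when the
        // callback is requested directly).
        if (String.IsNullOrEmpty(code))
        {
            return new HttpUnauthorizedResult();
        }

        var tokenUrl = String.Format(
            "https://graph.facebook.com/oauth/access_token?client_id={0}&redirect_uri={1}&client_secret={2}&code={3}",
            Uri.EscapeDataString(appId),
            Uri.EscapeDataString(BuildCallbackUrl()),
            Uri.EscapeDataString(appSecret),
            Uri.EscapeDataString(code));

        string tokenResponse;
        try
        {
            // WebClient is IDisposable; release it as soon as the exchange is done.
            using (var client = new WebClient())
            {
                tokenResponse = client.DownloadString(tokenUrl);
            }
        }
        catch (WebException)
        {
            // A rejected or failed exchange is an authentication failure, not a
            // server error. Do not log tokenUrl: it contains the client secret.
            return new HttpUnauthorizedResult();
        }

        string accessToken = ExtractAccessToken(tokenResponse);
        if (String.IsNullOrEmpty(accessToken))
        {
            return new HttpUnauthorizedResult();
        }

        FacebookClient fbClient = new FacebookClient(accessToken);
        dynamic me = fbClient.Get("me?fields=id,name");
        string userId = me.id;

        if (!IsAdmin(userId))
        {
            return new HttpUnauthorizedResult();
        }

        FormsAuthentication.SetAuthCookie(userId, false);

        // `state` comes straight from the query string. Redirecting to it
        // unchecked lets a crafted login link bounce a freshly authenticated
        // admin to an arbitrary external site, so only local paths are honoured.
        return Redirect(IsLocalReturnUrl(state) ? state : "/");
    }

    /// <summary>
    /// Clears the forms-authentication cookie and returns to the site root.
    /// </summary>
    public ActionResult LogOff()
    {
        FormsAuthentication.SignOut();
        return Redirect("/");
    }

    /// <summary>
    /// Checks a Facebook user id against the hard-coded administrator ids.
    /// </summary>
    /// <param name="facebookId">Facebook user id to test.</param>
    /// <returns><c>true</c> when the id is one of the administrator ids.</returns>
    // A public controller method is routable as an action; [NonAction] keeps
    // /Account/IsAdmin from answering membership queries for arbitrary ids.
    [NonAction]
    public bool IsAdmin(string facebookId)
    {
        return facebookId == "14812017" ||
               facebookId == "537883665";
    }

    // Builds the callback URL. It is produced in one place because the value
    // sent to the authorization dialog and the value sent with the code
    // exchange are meant to be identical.
    // NOTE(review): the host and port are taken from the incoming request and
    // the scheme is plain http, so the authorization code travels unencrypted
    // on the callback. Prefer a configured https callback URL.
    private string BuildCallbackUrl()
    {
        var callback = new Uri(String.Format("http://{0}:{1}/account/oauth", Request.Url.Host, Request.Url.Port));
        return callback.ToString();
    }

    // Pulls the access_token value out of a form-encoded response body by key
    // instead of by position. Returns null when the key is absent or empty.
    private static string ExtractAccessToken(string response)
    {
        if (String.IsNullOrEmpty(response))
        {
            return null;
        }

        foreach (string pair in response.Split('&'))
        {
            string[] parts = pair.Split(new[] { '=' }, 2);
            if (parts.Length == 2 &&
                String.Equals(parts[0], "access_token", StringComparison.Ordinal) &&
                parts[1].Length > 0)
            {
                return parts[1];
            }
        }

        return null;
    }

    // Accepts only site-relative paths: a single leading '/' that is not
    // followed by '/' or '\', both of which browsers treat as the start of a
    // host name.
    private static bool IsLocalReturnUrl(string url)
    {
        if (String.IsNullOrEmpty(url) || url[0] != '/')
        {
            return false;
        }

        return url.Length == 1 || (url[1] != '/' && url[1] != '\\');
    }
}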