ntotten/AccountController.cs

## AccountController.cs
    [Export]
    [PartCreationPolicy(CreationPolicy.NonShared)]
    public class AccountController : Controller
    {

        const string appId = "188070564565375";
        const string appSecret = "<app_secret>";

        // **************************************
        // URL: /Account/LogOn
        // **************************************

        public ActionResult LogOn(string returnUrl)
        {
            var redirectUrl = new Uri(String.Format("http://{0}:{1}/account/oauth", Request.Url.Host, Request.Url.Port));
            return Redirect(String.Format("https://www.facebook.com/dialog/oauth?client_id={0}&redirect_uri={1}&state={2}", appId, redirectUrl.ToString(), returnUrl));
        }

        public ActionResult OAuth(string code, string state)
        {
            WebClient client = new WebClient();
            var redirectUrl = new Uri(String.Format("http://{0}:{1}/account/oauth", Request.Url.Host, Request.Url.Port));
            var url = String.Format("https://graph.facebook.com/oauth/access_token?client_id={0}&redirect_uri={1}&client_secret={2}&code={3}", appId, redirectUrl, appSecret, code);
            string result = client.DownloadString(url);
            string accessToken = result.Split('&')[0].Split('=')[1];

            FacebookClient fbClient = new FacebookClient(accessToken);
            dynamic me = fbClient.Get("me?fields=id,name");
            string userId = me.id;
            if (IsAdmin(userId))
            {
                FormsAuthentication.SetAuthCookie(userId, false);
                return Redirect(state);
            }
            return new HttpUnauthorizedResult();
        }

        public ActionResult LogOff()
        {
            FormsAuthentication.SignOut();
            return Redirect("/");
        }

        public bool IsAdmin(string facebookId)
        {
            return facebookId == "14812017" ||
                   facebookId == "537883665";
        }

    }
	[Export]
	[PartCreationPolicy(CreationPolicy.NonShared)]
	public class AccountController : Controller
	{

	const string appId = "188070564565375";
	const string appSecret = "<app_secret>";

	// **************************************
	// URL: /Account/LogOn
	// **************************************

	public ActionResult LogOn(string returnUrl)
	{
	var redirectUrl = new Uri(String.Format("http://{0}:{1}/account/oauth", Request.Url.Host, Request.Url.Port));
	return Redirect(String.Format("https://www.facebook.com/dialog/oauth?client_id={0}&redirect_uri={1}&state={2}", appId, redirectUrl.ToString(), returnUrl));
	}

	public ActionResult OAuth(string code, string state)
	{
	WebClient client = new WebClient();
	var redirectUrl = new Uri(String.Format("http://{0}:{1}/account/oauth", Request.Url.Host, Request.Url.Port));
	var url = String.Format("https://graph.facebook.com/oauth/access_token?client_id={0}&redirect_uri={1}&client_secret={2}&code={3}", appId, redirectUrl, appSecret, code);
	string result = client.DownloadString(url);
	string accessToken = result.Split('&')[0].Split('=')[1];

	FacebookClient fbClient = new FacebookClient(accessToken);
	dynamic me = fbClient.Get("me?fields=id,name");
	string userId = me.id;
	if (IsAdmin(userId))
	{
	FormsAuthentication.SetAuthCookie(userId, false);
	return Redirect(state);
	}
	return new HttpUnauthorizedResult();
	}

	public ActionResult LogOff()
	{
	FormsAuthentication.SignOut();
	return Redirect("/");
	}

	public bool IsAdmin(string facebookId)
	{
	return facebookId == "14812017" \|\|
	facebookId == "537883665";
	}

	}