Overriding AuthorizeAttribute in MVC 4

难免孤独 2020-12-14 18:51

In my application, I want to redirect an authorized user to the update-profile page until they have provided the required information. If they update their profile, then the…

2条回答
  •  没有蜡笔的小新
    2020-12-14 19:41

    /// <summary>
    /// Authorization filter that layers a "profile completed" requirement on top of the
    /// stock <see cref="AuthorizeAttribute"/> checks. Authenticated users whose profile is
    /// incomplete are redirected to a profile-completion action; everyone else who fails
    /// authorization gets the framework's default unauthorized handling.
    /// </summary>
    /// <remarks>
    /// The per-request decision is passed through <c>HttpContext.Items</c> rather than a field
    /// on the attribute: MVC may reuse one attribute instance for many requests, so instance
    /// state could leak one user's decision into another user's request.
    /// The action that the redirect points to must not be guarded by this attribute itself
    /// (directly, at controller level, or as a global filter); use plain <c>[Authorize]</c>
    /// there, otherwise a user with an incomplete profile is redirected in a loop.
    /// </remarks>
    public class MyAuthorizeAttribute : AuthorizeAttribute
    {
        // Key of the marker written to HttpContext.Items when the request is refused only
        // because the profile is incomplete (as opposed to a failed authorization check).
        private const string IncompleteProfileMarker = "redirectToCompleteProfile";

        /// <summary>
        /// Runs the built-in authorization check and then the profile-completion check.
        /// </summary>
        /// <param name="httpContext">Context of the current request.</param>
        /// <returns>
        /// <c>true</c> only when the base check passes and the profile is complete.
        /// </returns>
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            // Built-in checks come first; when they fail nothing else is evaluated and no
            // marker is set, so the default unauthorized handling applies.
            if (!base.AuthorizeCore(httpContext))
            {
                return false;
            }

            // The name is taken from the authenticated identity, not from request data.
            string userName = httpContext.User.Identity.Name;
            if (this.IsProfileCompleted(userName))
            {
                return true;
            }

            // Refuse the request and record why, so HandleUnauthorizedRequest can pick
            // the profile-completion redirect instead of the login handling.
            httpContext.Items[IncompleteProfileMarker] = true;
            return false;
        }

        /// <summary>
        /// Chooses the response for a refused request: a redirect to the profile-completion
        /// action when the marker is present, the base class behaviour otherwise.
        /// </summary>
        /// <param name="filterContext">Authorization context of the refused request.</param>
        protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
        {
            bool profileIncomplete = filterContext.HttpContext.Items.Contains(IncompleteProfileMarker);
            if (!profileIncomplete)
            {
                base.HandleUnauthorizedRequest(filterContext);
                return;
            }

            // Placeholder route: replace with the controller/action that lets the user
            // complete the profile. The target is fixed in code, not read from the request.
            var target = new RouteValueDictionary(new
            {
                controller = "someController",
                action = "someAction",
            });
            filterContext.Result = new RedirectToRouteResult(target);
        }

        /// <summary>
        /// Placeholder for the lookup that tells whether <paramref name="user"/> has
        /// completed the profile; it always throws until it is implemented.
        /// </summary>
        /// <param name="user">Name of the authenticated user.</param>
        /// <returns>Nothing yet; the method throws.</returns>
        /// <exception cref="NotImplementedException">Always, in this sample.</exception>
        private bool IsProfileCompleted(string user)
        {
            // To be replaced by a data-store lookup of the user's profile-completed field.
            // NOTE(review): the real implementation should fail closed, i.e. treat a missing
            // record or a lookup error as "not completed" rather than granting access.
            throw new NotImplementedException();
        }
    }
    

    and then you could decorate your controller actions with this custom attribute:

    // With [MyAuthorize] applied, FooBar only runs when the standard authorization check
    // passes and the user's profile is complete; otherwise MyAuthorizeAttribute produces
    // the response (profile-completion redirect or the default unauthorized handling).
    // Do not put this attribute on the profile-completion action itself, or the redirect
    // would loop; plain [Authorize] is the appropriate guard there.
    [MyAuthorize]
    public ActionResult FooBar()
    {
        ...
    }
    
