全局应用动作过滤器,在MVC中提供重定向循环异常

时间:2014-04-08 11:16:04

标签: c# asp.net-mvc razor global-asax asp.net-mvc-filters

问题陈述:

如果会话过期或用户尝试访问任何视图而未使用razor登录MVC 4,我会尝试将用户重定向到登录页面。

  • 如果我使用的话,而不是在filter.config中全局应用动作过滤器 每个动作方法的过滤属性都可以正常工作。
  • 我不想将此操作过滤器应用于每个操作 方法

我想全局应用它。如何通过全局应用动作过滤器来避免重定向循环?如何实现这个??

登录控制器: 

//Get Method
public ActionResult Index(string returnUrl)
{
    ViewBag.ReturnUrl = returnUrl;
    return View();
}

//Post Method
[HttpPost]
public ActionResult Index(LoginModel loginModel, string returnUrl)
{
    if (ModelState.IsValid)
    {
        objLoginDC.LoginID = loginModel.LoginID;
        objLoginDC.Password = loginModel.Password;
        if (objSvcMasterConfig.IsValid(objLoginDC))
        {
            var varLoginTenantUserDetails = objSvcMasterConfig.GetLoginUserDetails(objLoginDC);
            Session["User"] = varLoginUserDetails[0];
            FormsAuthentication.SetAuthCookie(objLoginDC.LoginID, objLoginDC.RememberMe);

            return RedirectToLogin(returnUrl);
        }
        else
        {
            ModelState.AddModelError("", "The Log In ID or Password provided is incorrect.");
        }
    }

    return View(loginModel);
}

过滤器(操作过滤器): 

[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, Inherited = true, AllowMultiple = false)]
public class CheckUserSessionAttribute : ActionFilterAttribute
{
    public override void OnActionExecuting(ActionExecutingContext filterContext)
    {
        HttpSessionStateBase session = filterContext.HttpContext.Session;
        var user = session["User"];

        if (((user == null) && (!session.IsNewSession)) || (session.IsNewSession))
        {
            session.RemoveAll();
            session.Clear();
            session.Abandon();

            filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary { { "controller", "Login" }, { "action", "Index" } });
        }
        base.OnActionExecuting(filterContext);
    }
}

过滤Config.cs: 

public class FilterConfig
{
    public static void RegisterGlobalFilters(GlobalFilterCollection filters)
    {
        filters.Add(new HandleErrorAttribute());
        filters.Add(new Filters.CheckUserSessionAttribute());
    }
}

1 个答案:

答案 0 :(得分:3)

当控制器登录且操作索引时,您可以尝试不执行过滤器逻辑:

[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, Inherited = true, AllowMultiple = false)]
public class CheckUserSessionAttribute : ActionFilterAttribute
{

    public override void OnActionExecuting(ActionExecutingContext filterContext)
    {
        //do not execute the filter logic for Login/Index
        if (filterContext.RouteData.GetRequiredString("controller").Equals("LogIn", StringComparison.CurrentCultureIgnoreCase)
            && filterContext.RouteData.GetRequiredString("action").Equals("Index", StringComparison.CurrentCultureIgnoreCase)){
            return;
        }

        HttpSessionStateBase session = filterContext.HttpContext.Session;
        var user = session["User"];

        if (((user == null) && (!session.IsNewSession)) || (session.IsNewSession))
        {
            session.RemoveAll();
            session.Clear();
            session.Abandon();

            filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary { { "controller", "Login" }, { "action", "Index" } });
        }
        base.OnActionExecuting(filterContext);
    }
}
相关问题
最新问题