5

问题陈述:

如果会话过期或者用户尝试访问任何视图而不使用剃刀登录 MVC 4,我正在尝试将用户重定向到登录页面。

  • 如果我对每个操作方法都使用过滤器属性,它可以正常工作,而不是在 filter.config 中全局应用操作过滤器。
  • 我不想将此操作过滤器应用于每个操作方法。

我想全局应用它。如何通过全局应用动作过滤器来避免重定向循环?如何做到这一点?

登录控制器:

//Get Method
public ActionResult Index(string returnUrl)
{
    ViewBag.ReturnUrl = returnUrl;
    return View();
}

//Post Method
[HttpPost]
public ActionResult Index(LoginModel loginModel, string returnUrl)
{
    if (ModelState.IsValid)
    {
        objLoginDC.LoginID = loginModel.LoginID;
        objLoginDC.Password = loginModel.Password;
        if (objSvcMasterConfig.IsValid(objLoginDC))
        {
            var varLoginTenantUserDetails = objSvcMasterConfig.GetLoginUserDetails(objLoginDC);
            Session["User"] = varLoginUserDetails[0];
            FormsAuthentication.SetAuthCookie(objLoginDC.LoginID, objLoginDC.RememberMe);

            return RedirectToLogin(returnUrl);
        }
        else
        {
            ModelState.AddModelError("", "The Log In ID or Password provided is incorrect.");
        }
    }

    return View(loginModel);
}

过滤器(动作过滤器):

[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, Inherited = true, AllowMultiple = false)]
public class CheckUserSessionAttribute : ActionFilterAttribute
{
    public override void OnActionExecuting(ActionExecutingContext filterContext)
    {
        HttpSessionStateBase session = filterContext.HttpContext.Session;
        var user = session["User"];

        if (((user == null) && (!session.IsNewSession)) || (session.IsNewSession))
        {
            session.RemoveAll();
            session.Clear();
            session.Abandon();

            filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary { { "controller", "Login" }, { "action", "Index" } });
        }
        base.OnActionExecuting(filterContext);
    }
}

过滤器 Config.cs:

public class FilterConfig
{
    public static void RegisterGlobalFilters(GlobalFilterCollection filters)
    {
        filters.Add(new HandleErrorAttribute());
        filters.Add(new Filters.CheckUserSessionAttribute());
    }
}
4

1 回答 1

3

当控制器为Login且操作为Index时,您可以尝试不执行过滤器逻辑:

[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, Inherited = true, AllowMultiple = false)]
public class CheckUserSessionAttribute : ActionFilterAttribute
{

    public override void OnActionExecuting(ActionExecutingContext filterContext)
    {
        //do not execute the filter logic for Login/Index
        if (filterContext.RouteData.GetRequiredString("controller").Equals("LogIn", StringComparison.CurrentCultureIgnoreCase)
            && filterContext.RouteData.GetRequiredString("action").Equals("Index", StringComparison.CurrentCultureIgnoreCase)){
            return;
        }

        HttpSessionStateBase session = filterContext.HttpContext.Session;
        var user = session["User"];

        if (((user == null) && (!session.IsNewSession)) || (session.IsNewSession))
        {
            session.RemoveAll();
            session.Clear();
            session.Abandon();

            filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary { { "controller", "Login" }, { "action", "Index" } });
        }
        base.OnActionExecuting(filterContext);
    }
}
于 2014-04-08T11:44:46.227 回答