0

I just need to make an manual autentication on MVC3 and the problem is, when the user access the url from project, i have this code on base class:

public class BaseController : Controller
{
    private Usuario loggedUser;
    protected override void Initialize(System.Web.Routing.RequestContext requestContext)
    {
        if (requestContext.HttpContext.Request.RawUrl != "/Home/Login")
        {
            if (requestContext.HttpContext.Session["usuario"] != null)
            {
                loggedUser = (Usuario)requestContext.HttpContext.Session["usuario"];
                ViewBag.nomeUsuario = loggedUser.Nome;
                ViewBag.idUsuario = loggedUser.Id;
            }
            else
            {
                requestContext.HttpContext.Response.RedirectPermanent("~/Home/Login");
            }
        }
        base.Initialize(requestContext);
    }

The problem is, when they are not authorized I send a redirect BUT the initialize continues to process the request action. I think the validation are on not a good place becouse I can remove the inicalize method.

Echilon
  • 10,064
  • 33
  • 131
  • 217
Mauricio Fritsch
  • 3
  • 2
  • 3
    Consider using a custom `FilterAttribute`, like `AuthorizeAttribute`, but create your own and put it on the `BaseController` or whatever controller you need the functionality on. – Mario S Nov 09 '12 at 13:54
  • Mario, I looked the AuthorizeAttribute, but i need to create this without the microsoft membership, without using the feature of authentication of MS. – Mauricio Fritsch Nov 09 '12 at 14:00
  • You can inherit from `AuthorizeAttribute` and override the functionality to use your own logic. – Mario S Nov 09 '12 at 14:03

1 Answers1

0

Redirect does not work in this context. Try overriding OnAuthorization and return a RedirectResult.

Even better would be to implement this logic as an attribute.

public class MyAuthorize : AuthorizeAttribute
{
    private Usuario loggedUser;
    protected override void OnAuthorization(AuthorizationContext filterContext)
    {
        if (filterContext.HttpContext.Request.RawUrl != "/Home/Login")
        {
            if (filterContext.HttpContext.Session["usuario"] != null)
            {
                loggedUser = (Usuario) filterContext.HttpContext.Session["usuario"];
                ViewBag.nomeUsuario = loggedUser.Nome;
                ViewBag.idUsuario = loggedUser.Id;
            }
            else
            {
                filterContext.Result = new RedirectResult("~/Home/Login");
            }
            base.OnAuthorization(filterContext);
        }
    }
}
Lukas Winzenried
  • 1,919
  • 1
  • 14
  • 22