I needed [Authorize] like custom Attribute in ASP.Net mvc 3/4. Something like Below.
[AdminOnly]
public ActionResult OpenAddListUser()
{
//Do some actions
}
Here [AdminOnly] will check some user crediantials. All I needed was if AdminOnly is not valid then return some ActionResult View or Redirect to some other view like login.
public class AdminOnly : AuthorizeAttribute
{
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
bool baseAuthorized = base.AuthorizeCore(httpContext);
if (!baseAuthorized) {
return false;
}
//here should be your admin checking logic
bool isAdmin = YourLogic.IsAdmin(httpContext.User.Identity.Name);
return isAdmin;
}
}
}
