I've implemented my own Authorize attribute, and I notice that it queries to check permissions when I use [Authorize].
Is there any way I can get that permission and use it in the current controller that applies the Authorize attribute without having to rewrite and requery the code in the controller?
Yes, you can. If you implemented your Authorize attribute as an ActionFilterAttribute you can use the ViewData collection to store information like this :
public class RequireRegistrationActionFilter : ActionFilterAttribute
{
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
HttpRequestBase request = filterContext.HttpContext.Request;
HttpResponseBase response = filterContext.HttpContext.Response;
if (request != null &&
response != null)
{
bool isAuthenticated = request.IsAuthenticated;
filterContext.Controller.ViewData["IsAuthenticated"] = isAuthenticated;
if (!isAuthenticated)
{
string url = String.Format(
"/?ReturnUrl={0}",
HttpUtility.UrlEncode(request.Url.ToString()));
response.Redirect(url);
}
}
}
}
In the anoteated controller's acrion you can access the field with:
bool isAuthenticated = (bool)(ViewData["IsAuthenticated"] ?? false);
