0

Almost every time I run my MVC app, it stops with errors before getting to the home page.

UPDATE: Here's the latest code:

public class RequireLoggedIn : ActionFilterAttribute
    {
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            if (Membership.GetUser() == null)
            {
                filterContext.Result = new RedirectResult("~/Logon");
            }
        }
    }

    public ActionResult Index()
    {
        MembershipUser myObject = Membership.GetUser();
        Guid UserID = (Guid)myObject.ProviderUserKey;

        DateTime dateTime = new DateTime();
        dateTime = DateTime.Now.AddDays(14);

        var model = db.Task.Where(n => (n.UserId == UserID) && (n.Completed == false) && (n.Due < dateTime));
        return View(model);

    }

Why is it doing this? It has worked fine in the past.

Any help is much appreciated.

tereško
  • 58,060
  • 25
  • 98
  • 150
  • is my object null or just the provider key? – Andrew Apr 14 '11 at 10:56
  • I'm not too sure, it's to get the UserID to be used in a query on the database as well as authorize the user. –  Apr 14 '11 at 11:11
  • You need to check your user is authorized you can either check if(myObject==null){RedirectToAction("login")} or something similar but I would create an attribute to do the logged in check for actions that are only available to Authenticated users – Andrew Apr 14 '11 at 11:17
  • How would I go about creating the attribute to do the logged in check? –  Apr 14 '11 at 11:23
  • Create a new action filter attribute gimme a second ill get something – Andrew Apr 14 '11 at 11:27
  • See my answer below I've updated – Andrew Apr 14 '11 at 11:34

2 Answers2

0

I would add an attribute to check the user is logged in for this example. You don't want the action to be available for non authenticated users at all so there is no need to manage this in your body of your action itself. You can use Authorize to do this just not in the form you are using it.

Check out this question too: Is the Authorize attribute in ASP .NET MVC used for Authentication as well as Authorization?

If you want to create a custom attribute, which I would recommend, then create a new ActionFilterAttribute

public class RequireLoggedIn : ActionFilterAttribute
{
   public override void OnActionExecuting(ActionExecutingContext filterContext) {
      if (Membership.GetUser() == null) {
        filterContext.Result = new RedirectResult("~/Logon");
       }
  }
}

You can then decorate any of your Actions with this throughout your application. Simples :)

Community
  • 1
  • 1
Andrew
  • 9,967
  • 10
  • 64
  • 103
  • Wow this is great thank you :) So I just need to reference this in my index action in my HomeController? Do I still need the two lines of code that were giving me problems? –  Apr 14 '11 at 11:37
  • this means if the user isn't logged in your ActionResult won't execute your custom code so you won't have the problem in the first place :) – Andrew Apr 14 '11 at 11:42
  • Keep it tidy put all your attributes in an ActionFilterAttributes folder - you will end up writing a lot more I promise :) – Andrew Apr 14 '11 at 11:43
  • Hmm, I'm still getting the error though :/ It seems to go straight to the index action and tries to do the Membership.GetUser –  Apr 14 '11 at 11:46
  • Also do you have a action called Logon in the same controller? if not change the redirect to point to your logon page. Also put a debug line in the actionfilter and see what is happening. Check that it thinks your user is not logged in – Andrew Apr 14 '11 at 11:52
  • The attribute should be in its own file and seperate to your controller. Your code is showing that you have the action within your attribute class??? You need to put [RequireLogedIn] on the line above public ActionResult Index() for it to be called too. – Andrew Apr 14 '11 at 12:04
  • Oh okay, i'm sorry, i'm still learning. I made those changes and it worked! Thank you so much :) –  Apr 14 '11 at 12:09
  • Glad you sorted it!! :) Happy learning! MVC is awesome once you get the hand of it :) – Andrew Apr 14 '11 at 12:13
0

According to msdn Membership.GetUser() throws an exception if you don't have anyone logged in.

http://msdn.microsoft.com/en-us/library/fcxcb339.aspx

maciek
  • 661
  • 4
  • 10