将匿名用户或错误的用户类型重定向到 ASP.net MVC 3 中特定控制器内的登录页面
[英]Redirecting Anonymous User or wrong user type to login page within a specific controller in ASP.net MVC 3
问题描述
I have two sections to my site, one is the front end customer portal which serves as a storefront.
我的网站有两个部分,一个是作为店面的前端客户门户。 The other is where merchants can edit their wares, prices and the look of their store page in the storefront.另一个是商家可以在店面编辑他们的商品、价格和商店页面的外观。
The former can be accessed by anyone, anonymous user or customer accounts, but the latter should only be accessible by merchant accounts that are logged in. If someone attempts to use a link to access parts of the merchant site without being logged in as a merchant, they should be redirected to the merchant log in.前者可以由任何人、匿名用户或客户帐户访问,但后者只能由已登录的商家帐户访问。 如果有人试图使用链接访问商家网站的部分内容而未以商家身份登录,他们应该被重定向到商家登录。
I have a few lines I can put at the top of every Action like this:我有几行可以放在每个 Action 的顶部,如下所示:
if (!(User.Identity.IsAuthenticated
&& User.IsInRole(VendorsController.Role)))
return RedirectToAction("Login", "Vendors");
But adding that to the beginning of each action feels like it's bad practice.但是将其添加到每个动作的开头感觉就像是不好的做法。 I've also seen a few posts about modifying the web.config but I think that's for an earlier version of MVC.我还看到了一些关于修改 web.config 的帖子,但我认为这是针对早期版本的 MVC。 Is there a way to create an event listener that interrupts an action call to redirect to login, if the user isn't logged in as the right user type?如果用户没有以正确的用户类型登录,有没有办法创建一个事件侦听器来中断操作调用以重定向到登录? Or will I have to add this line of code to each action?或者我是否必须将这行代码添加到每个操作中?
1 个解决方案
解决方案1
1 已采纳 2020-09-11 16:30:57
我会使用AuthenticationFilter在其中创建自定义 AuthenticationFilter 然后根据需要将其应用于控制器或操作
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.