简体繁体 English

加载方法，无论调用其他方法如何

[英]Method that loads regardless of other methods being called

原文 2012-11-27 22:46:23 5 4 c#/ asp.net-mvc-3

For example I have the following controller example.com/controller/ 例如，我有以下控制器example.com/controller/

There are three methods: 有三种方法：

example.com/controller/method1
example.com/controller/method2
example.com/controller/validate

I want validate to run regardless of what ever method is called, I want to ensure validate runs because it contains the code to verify if client has the valid cookie set or boot them from the page. 我想不管任何方法调用都运行validate，我想确保validate运行，因为它包含用于验证客户端是否设置了有效cookie或从页面引导它们的代码。

4 个解决方案

I think you need ActionFilter which will do validation. 我认为您需要可以执行验证的ActionFilter 。 Create your custom validation filter attribute, override its OnActionExecuting method (do cookie validation), and apply attribute to controller (or specific actions). 创建您的自定义验证过滤器属性，覆盖其OnActionExecuting方法（执行Cookie验证），然后将该属性应用于控制器（或特定操作）。

I would suggest looking at Action filters: 我建议看一下动作过滤器：

An action filter is an attribute that you can apply to a controller action -- or an entire controller -- that modifies the way in which the action is executed. 动作过滤器是可以应用于控制器动作（或整个控制器）的属性，可以修改动作的执行方式。 The ASP.NET MVC framework includes several action filters: ASP.NET MVC框架包括几个操作筛选器：

OutputCache – This action filter caches the output of a controller action for a specified amount of time. OutputCache –此动作过滤器会在指定的时间内缓存控制器动作的输出。

HandleError – This action filter handles errors raised when a controller action executes. HandleError –此动作过滤器处理执行控制器动作时引发的错误。

Authorize – This action filter enables you to restrict access to a particular user or role. 授权–使用此操作筛选器，您可以限制对特定用户或角色的访问。

You also can create your own custom action filters. 您还可以创建自己的自定义操作过滤器。 For example, you might want to create a custom action filter in order to implement a custom authentication system. 例如，您可能想创建一个自定义操作过滤器，以实现一个自定义身份验证系统。 Or, you might want to create an action filter that modifies the view data returned by a controller action. 或者，您可能想创建一个动作过滤器，以修改控制器动作返回的视图数据。

http://www.asp.net/mvc/tutorials/older-versions/controllers-and-routing/understanding-action-filters-cs http://www.asp.net/mvc/tutorials/older-versions/controllers-and-routing/understanding-action-filters-cs

Depending on the timing of when you want to do this check, you can either put this in the constructor of your controller, or override OnActionExecuting from the base controller (typically AsyncController). 根据当你想要做这种检查的时间，你可以把这个在你的控制器的构造函数，或者从基本控制器（通常AsyncController）覆盖OnActionExecuting。

If you want to run this check on every controller, then I suggest you create a ControllerBase class that your other controllers can then inherit from. 如果要在每个控制器上运行此检查，则建议您创建一个ControllerBase类，其他控制器随后可以从该类继承。

You should move your validation code from the action to custom authorization filter. 您应该将验证代码从操作移动到自定义授权过滤器。 Unlike the action filters, the authorization filters are the ones that runs at first so you should use them for this kind of security check. 与操作过滤器不同，授权过滤器是首先运行的过滤器，因此您应将它们用于这种安全检查。

There is already a built-in authorization filter Authorize that does decent job and if you would like to create a custom one I would recommend to extend the Authorize attribute and override the required methods. 已经有一个内置的授权过滤器Authorize可以完成不错的工作，如果您要创建自定义的过滤器，我建议扩展Authorize属性并覆盖所需的方法。 The Authorize attribute does some work-around to avoid cache issue and that's why I recommend it. Authorize属性做了一些变通方法来避免缓存问题，这就是为什么我推荐它。