stackoom
  简体   繁体   中英

Set Authorize in MVC post method

 原文  2013-05-08 07:56:47       c#/ asp.net-mvc/ authorize

Question

I am create a forum website in mvc .it's same functionality like Stack Overflow . Any one view other any discussions ,But when anyone put the answer in RichBox,must Login then the answers is created.

So I Used [Authorize] in top side of my post action result method

see this 

[Authorize]
        [HttpPost]
        public ActionResult ViewDiscussion(DiscussionModel discussionModel)
        {
        }

Its not working . If any user does not login,Now when click the post reply(Call Post Method) button ,It's goes to Login page (because the user did't login), Then the user enter uname and psswrd and signed-in , It's come to the View discussion page . Now The HttpGet Method is called but i want to Post method call !

2 answers

solution1
 0  2013-05-08 08:18:16

If the ability to update discussion data is a feature only allowed by authorised users, I would add code to the view-model and view to hide the post reply button for unauthorised users. Or rig it in such a way that an alternative button is rendered, that instead of submitting the form, displays a message informing the user that they need to be logged in to post a reply.

Your alternative, would probably be to hold the form data in TempData whilst the user is fed through the log-in process, this would probably be a architecturally messy process though.

solution2
 0  2013-05-08 09:18:24

Simply put, you can't do what you're asking for, at least not without a lot of dirty hacks.

The reason is simple. If the user is not authorized, the framework redirects them to the login page to login. This loses all post information. Once they login, you cannot magically post the data from the server as a post must come from the client.

The closest you could get would be to somehow track the state they were in, redirect them to a page that recreates the form data as it was and then run some javascript to submit the page.. very messy and hackish, and it easily breaks.

In my opinion, if the user is not logged in, then they should e forced to re-enter their data. Alternatively, you should design your site so that users can't get at the form page to submit if they are not authenticated.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to “hook” into the Authorize method in mvc6 ASP.NET MVC Preserve Post Data After Authorize mvc post method not working Jquery post method in mvc 4 How to authorize one method differently than the controller? (MVC) MVC RoleProvider and Authorize attribute Authorize in ASP mvc4 asp.net MVC custom Authorize attribute, passing parameters and method details can not get access to the ASP.NET MVC controller method with [Authorize(Roles = “Admin”)] even after login Get or Post for REST method in MVC4?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM