I have an ASP.NET MVC web application.
There's a welcome page in my application, and i wish for the user to complete some steps on that page before allowing him to use the application.
I'm trying to accomplish 2 things:
Ensure that the user is always redirected to that page until he completes the required steps. Note: the user is logged in when he is at the welcome page.
Ignore all requests made by that user to any of the controllers, except for a few specific requests to a specific controller.
What is the correct way to do the above?
Thanks.
What i have done is:
Create a class that derives from Controller and add the logic to redirect if not Logged in:
public class CustomController : Controller { protected override void OnActionExecuting(ActionExecutingContext filterContext) { if (!LoggedIn) //Here you decide how to check if the user is Logged in { filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary(new { controller = "YourLogInControllerName", action = "YourLoginActionName" })); } else { base.OnActionExecuting(filterContext); } } }
Then all Controllers derive from this CustomController
class.
听起来,如果您必须确保访问者完成这些“必需的步骤”,则可以将其用于会话,或其他(更持久的)存储,以便可以在完成访问后将其存储。
I created a custom authorise attribute that redirected the use to my login page if they didn't meet the criteria I set. This then allowed me to use [AuthorizeAdminArea]
on my base controller which stopped access to all areas. I then used [AllowAnonymous]
to allow access to the login area.
Take a look at the SimpleMemshipProvider
Use a Role
and only allow access to the other controllers if the user has this Role
. Add the user to this Role
when they have completed the necessary steps.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.