Redirect To the log in page
Question
我有一个ASP MVC 5网站,我有多个控制器和视图,如果未通过if(User.Identity.Is Authenticated)的所有操作,如果未通过身份验证,如何将用户芳香地重定向到“登录”视图
4 answers
solution1
1 2014-08-04 15:19:52
Decorate your controllers (if you want all actions within that controller to require authentication) or specific actions with the [Authorize] attribute. You can specify the login url the user gets redirected to in your web.config file.
[Authorize]
public class UserController : Controller
{
public ActionResult Index()
{
// Must be authorized
}
public ActionResult Users()
{
// Must be authorized
}
}
public class ProductController : Controller
{
public ActionResult Index()
{
// Doesn't require authorization
}
[Authorize]
public ActionResult Products()
{
// Must be authorized
}
}
Further reading:
http://msdn.microsoft.com/en-us/library/system.web.mvc.authorizeattribute(v=vs.118).aspx
solution2
0 2014-08-04 15:20:41
For this task you can make use of the [Authorize] attribute, which you can implement at either the Class or Action level:
[Authorize]
public class AccountController : Controller
{
public AccountController () { . . . }
public ActionResult Register() { . . . }
public ActionResult Manage() { . . . }
public ActionResult LogOff() { . . . }
. . .
}
In the above instance attempting to access any action method in the controller will redirect the user to the login page, after which a further redirection to the initially requested action will be made.
For further information on how to use the Autohorize attribute please see the MSDN article , as it has expanded examples and background information.
solution3
0 2014-08-04 15:21:25
Answer 1 :
You can use inbuilt [Authorize] attribute in MVC..
[Authorize]
public class YourController : Controller
{
public ActionResult YourAction()
{
}
}
the [Authorize] attribute will check whether user is authenticated or not if not then it will redirect user to login page automatically
Answer 2 :
Or you can make your custom filter attribute as :
[AuthoriseUser]
public class YourController : Controller
{
public ActionResult YourAction()
{
}
}
public class AuthoriseUserAttribute : ActionFilterAttribute
{
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
// Check user is authenticated
// if user is not authenticated then do as :
filterContext.Result = new RedirectToRouteResult(new
RouteValueDictionary(new { controller = "Login", action = "Index" }));
}
}
Answer 3 :
As you have said in your comments section that you don't want to write [Authorize] attribute on every controller in your project then below answer will help you :
public class YourController : Controller
{
protected override void OnActionExecuting(ActionExecutingContext filterContext)
{
//....Check user authentication here
}
}
public class MyController : YourController
{
public ActionResult Myaction()
{
// ...
}
}
In above answer all you have to do is to make your custom base controller YourController and then you can put your authentication stuff there and then every controller in your web app will inherit YourController instead of inbuilt base Controller class .
solution4
0 2014-08-04 15:22:49
You can use the events in the global.asax to authenticate and authorize on every request.
Application_AuthenticateRequest : Fired when the security module has established the current user's identity as valid. At this point, the user's credentials have been validated.
Application_AuthorizeRequest : Fired when the security module has verified that a user can access resources.
So, something like this (this isn't complete though)
protected void Application_AuthenticateRequest(Object sender, EventArgs e)
{
if (User.Identity.IsAuthenticated)
{
// you can re-direct them for example
}
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.