Hi,

I want to create my own filter that redirects non-logged in users.
Here is my class:

1    public class LoggedInUserOnly : ActionFilterAttribute
2        {
3            public override void OnActionExecuting(FilterExecutingContext filterContext)
4            {
5                base.OnActionExecuting(filterContext);
6                if (!filterContext.HttpContext.User.Identity.IsAuthenticated)
7                {
8                    //RedirectToAction("Login");
9                }
10           }
11       }

Funny you should mention that!

http://forums.asp.net/t/1234929.aspx

As was pointed out in this previous thread, this is exactly the kind of feedback the development team is looking for. 

In the meantime you could use reflection to "hack" your way into using the RedirectToAction.
 

if( filterContext.Controller is MyController )
    (filterContext.Controller as MyController).RedirectToAction("Login");

public class MyController : Controller {
    public new RedirectToAction(RouteValueDictionary values) { base.RedirectToAction( value ); }
}

Now you just have to make all your controllers inherit from MyController. 

It's not ideal by any means. But it works. you could get the url from RouteTable.Routes.GetVirtualPath and call Response.Redirect yourself. but that's a mess as well.

... or reflection ;)

Heh,

neither of which are really ideal, I'm still hoping they'll make RedirectToAction and RenderView public in the next preview.
 

Thank you for your answers.
For the moment, I will keep my also not ideal solution, which consist of this method (in the controller class itself):

1    [NonAction]
2    private void RedirectUserIfNotLoggedIn()
3    {
4        if (!HttpContext.User.Identity.IsAuthenticated)
5        {
6            RedirectToAction("Login");
7        }
8    }

 public class LoginActionFilterAttribute : ActionFilterAttribute
    {
        public override void OnActionExecuting(FilterExecutingContext filterContext)
        {
           HttpSessionStateBase session = filterContext.HttpContext.Session;
           Controller control = filterContext.Controller as Controller;
      
         
            if (control != null)
            {
                if (session["Login"] == null)
                {
                    filterContext.Cancel = true;
                    control.HttpContext.Response.Redirect("./Login");

                }
            }
            base.OnActionExecuting(filterContext);
        }
    }

But what if your controller isn't actually derived from System.Web.Mvc.Controller? This code will work either way:

public class MyFilterAttribute : ActionFilterAttribute
{
    public override void OnActionExecuting(FilterExecutingContext filterContext)
    {
        RedirectToRoute(filterContext, 
            new { controller = "SomeController", action = "SomeAction" }
        );
    }

    private void RedirectToRoute(FilterContext context, object routeValues)
    {
        var rc = new RequestContext(context.HttpContext, context.RouteData);
        string url = RouteTable.Routes.GetVirtualPath(rc, 
            new RouteValueDictionary(routeValues)).VirtualPath;
        context.HttpContext.Response.Redirect(url, true);
    }
}

uhm ,that is great!

  Thanks . 

Hi guys,

I actually took the easy way out and just created an extension method.

1    		/// <summary>
2    		/// Redirects to action.
3    		/// </summary>
4    		/// <param name="filterContext">The filter context.</param>
5    		/// <param name="responseCode">The response code.</param>
6    		/// <param name="actionName">Name of the action.</param>
7    		public static void RedirectToAction(this ControllerContext filterContext, string actionName)
8    		{
9    			if (String.IsNullOrEmpty(actionName))
10   				throw new ArgumentNullException("actionName");
11   
12   			RouteValueDictionary values = new RouteValueDictionary();
13   			values.Add("action", actionName);
14   
15   			RedirectToAction(filterContext, values);
16   		}
17   
18   		/// <summary>
19   		/// Redirects to action.
20   		/// </summary>
21   		/// <param name="filterContext">The filter context.</param>
22   		/// <param name="responseCode">The response code.</param>
23   		/// <param name="actionName">Name of the action.</param>
24   		/// <param name="controllerName">Name of the controller.</param>
25   		public static void RedirectToAction(this ControllerContext filterContext, string actionName, string controllerName)
26   		{
27   			if (String.IsNullOrEmpty(actionName))
28   				throw new ArgumentNullException("actionName");
29   
30   			if (String.IsNullOrEmpty(controllerName))
31   				throw new ArgumentNullException("controllerName");
32   
33   			RouteValueDictionary values = new RouteValueDictionary();
34   			values.Add("action", actionName);
35   			values.Add("controller", controllerName);
36   
37   			RedirectToAction(filterContext, values);
38   		}
39   
40   		/// <summary>
41   		/// Redirects to action.
42   		/// </summary>
43   		/// <param name="filterContext">The filter context.</param>
44   		/// <param name="responseCode">The response code.</param>
45   		/// <param name="values">The values.</param>
46   		public static void RedirectToAction(this ControllerContext filterContext, RouteValueDictionary values)
47   		{
48   			VirtualPathData virtualPath = RouteTable.Routes.GetVirtualPath(filterContext, values);
49   
50   			string url = null;
51   			if (virtualPath != null)
52   				url = virtualPath.VirtualPath;
53   
54   			filterContext.HttpContext.Response.Redirect(url);
55   		}

Good workaround Steve!

Another alternative to redirecting to login page:

                string redirectUrl = string.Format(
                    "{0}?returnUrl={1}",
                    FormsAuthentication.LoginUrl,
                    filterContext.HttpContext.Server.UrlEncode(filterContext.HttpContext.Request.Url.AbsolutePath)
                );
                filterContext.HttpContext.Response.Redirect(redirectUrl, true);

Using this approach, you can specify the login url in your web.config <authentication><forms> configuration.

Or, if that's what you want to do, you can replace it with a single line:

FormsAuthentication.RedirectToLoginPage();