Check & Redirect on each request RSS

• • Reply
  krokonoster

  Contributor

  3574 Points

  1661 Posts

  Check & Redirect on each request

  Oct 29, 2018 01:36 PM|krokonoster|LINK

  I need to ensure the currently logged in user have agreed to some disclaimers.

  Please note this cannot be done in the login, since that is a separate project.

  Figured this will be done in the global.asax / begin_request (it's been years since I used MVC, totally rusted) ?

  Been told I must put it in Application_AuthenticateRequest, but it does not make sense (or event work "too many redirects" error)

  ```if (!principalInfo.AgreedToStuff)
  {
    Response.RedirectToRoute("disclaimers");
    return;
  }````

  If it ain't simple, it ain't right.
• • Reply
  PatriceSc

  All-Star

  48340 Points

  18017 Posts

  Re: Check & Redirect on each request

  Oct 29, 2018 01:45 PM|PatriceSc|LINK

  Hi,

  You need also to check if the user is not already on "disclaimers". Else even when trying to show "disclaimers" you'll redirect him again and again to "disclaimers".

• • Reply
  mgebhard

  All-Star

  52291 Points

  23326 Posts

  Re: Check & Redirect on each request

  Oct 29, 2018 01:51 PM|mgebhard|LINK

  krokonoster

  I need to ensure the currently logged in user have agreed to some disclaimers.

  Please note this cannot be done in the login, since that is a separate project.

  Figured this will be done in the global.asax / begin_request (it's been years since I used MVC, totally rusted) ?

  Been told I must put it in Application_AuthenticateRequest, but it does not make sense (or event work "too many redirects" error)

  ```if (!principalInfo.AgreedToStuff)
  {
    Response.RedirectToRoute("disclaimers");
    return;
  }````

  The problem statement is too vague to answer accurately. 

  I would ask the requester to clarify.  IMHO, the Application_AuthenticateRequest handler seems like a perfectly fine location for this code.  Can you explain why you feel this is not a right place?  Do you have a better idea? If so, what is it and perhaps discuss with your team.

  Or are you asking for help with the code that runs in the Application_AuthenticateRequest handler?

• • Reply
  Yuki Tao

  Contributor

  3710 Points

  1431 Posts

  Re: Check & Redirect on each request

  Oct 31, 2018 03:03 AM|Yuki Tao|LINK

  Hi krokonoster，

  The answer from this article,you could refer to:

  You could make a custom attribute and add it to the top of the Controller.

   [AgreedToDisclaimer]
      public ActionResult LoadPage()
      {
           return View();
      }

  Which would only load the view if the AgreedToDisclaimer returns true.

  public class AgreedToDisclaimerAttribute : AuthorizeAttribute
  {
  
      protected override bool AuthorizeCore(HttpContextBase httpContext)
      {
         if (httpContext == null)
          throw new ArgumentNullException("httpContext");
  
         // logic to check if they have agreed to disclaimer (cookie, session, database)
         return true;
      }
  
     protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
     {
            // Returns HTTP 401 by default - see HttpUnauthorizedResult.cs.
             filterContext.Result = new RedirectToRouteResult(
              new RouteValueDictionary 
              {
               { "action", "ActionName" },
               { "controller", "ControllerName" },
               { "parameterName", "parameterValue" }
              });
     }
  }

  Best Regards.

  Yuki Tao

  MSDN Community Support
  Please remember to click "Mark as Answer" the responses that resolved your issue.
  If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.