0

hi i am trying to create a custom attribute for my MVC application so that i can call [CheckLogin] this is to check my cookie as i am not using forms authentification.

i have created a class CheckLogin and this is in my App_Code folder and the code is as follows:

using System.Web.Mvc;
using System.Attributes;
using System.Diagnostics.CodeAnalysis;
using System.Globalization;
using System.Web;
using System;

namespace corian_MVC.Controllers
{
    [AttributeUsage(AttributeTargets.Method | AttributeTargets.Class, Inherited = true, AllowMultiple = true)]
    public class CheckLoginAttribute : FilterAttribute, IAuthorizationFilter
    {
        public CheckLoginAttribute() {}

        public void OnAuthorization(AuthorizationContext filterContext)
        {
            // TODO: perform your cookie checks
            if (!userIsAuthenticated)
            {
                filterContext.Result = new RedirectResult(string.Format(
                          "/Admin/Login",
                          filterContext.HttpContext.Request.Url.AbsoluteUri));
            }
        }
    }
}

what it does is not important here, the problem is i cant get my code to recognise this attribute if it is one in the first place, also how do i redirect to action if the login is failed ????

many thanks

my admin class:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using System.Web.Mvc.Ajax;


namespace corian_MVC.Controllers
{
    [HandleError]
    public class AdminController : Controller
    {
        [AcceptVerbs(HttpVerbs.Get)]
        public ActionResult Index()
        {
            //check login is not banned

            if ((int)Session["LoginCount"] >= 3) RedirectToAction("TooMany");

            return View();
        }

        public ActionResult Fraud()
        {
            Session["LoginCount"] = 3;
            return View();
        }

        public ActionResult TooMany()
        {
            return View();
        }

        [CheckLogin]
        public ActionResult Welcome()
        {
            return View();
        }

        private void Createcookie()
        {

        }

    }
}
Improve this question

2 Answers 2

Reset to default
2

This scenario is best handled by implementing an IAuthorizationFilter.

[AttributeUsage(AttributeTargets.Method | AttributeTargets.Class, Inherited=true, AllowMultiple=true)]
public class CheckLoginAttribute : FilterAttribute, IAuthorizationFilter
{
    public void OnAuthorization(AuthorizationContext filterContext)
    {
        // TODO: perform your cookie checks
        if (!userIsAuthenticated)
        {
            filterContext.Result = new RedirectResult(string.Format(
                "/loginUrl?ReturnUrl={0}",  
                filterContext.HttpContext.Request.Url.AbsoluteUri));
        }
    }
}

Then you can apply this attribute either at the controller level or at some particular actions.

By the way do you have any particular reason for not using the built-in FormsAuthentication?

Improve this answer
Sign up to request clarification or add additional context in comments.

10 Comments

yeah thats great but i can not get the attribute to even be picked up in my controllers, the usual im missing an assembly reference, however there in the same namespace etc. is there something extra i have to do in order to make it available ????
Arghh, I see. You use App_Code. Well don't use this folder. This is only used for ASP.NET web sites and not web applications which the standard model for ASP.NET MVC template.
moved it from app_code to main root of site, I.E CheckLoginAttribute.cs sits next to default.aspx ?? still not picking it up
Did you actually marked any of your controller action methods with this attribute?
[CheckLogin] public ActionResult Welcome() { return View(); }
|
-1

Include .cs file with your attribute to the solution. Just placing it "near default.aspx" is not enough.

Improve this answer

1 Comment

please read below, it is no longer there it is in controllers and i have triedadding a using tag but it wont

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.