2

I have an MVC 5 website running using standard forms authentication.

However I need to add an extra step to the user's login process. Once the user has been authenticated we look up whether or not they have access to multiple offices. If they do we need to show them a list of offices and they must choose one.

This is a mandatory step and they cannot be considered logged on until they do it.

Do we need to create our own authentication or should I add a check to a BaseController?

Improve this question

1 Answer 1

Reset to default
2

You can extend the implementation of the built-in authentication:

public class OfficeSelectionAuthorizeAttribute : AuthorizeAttribute
{
    protected override bool AuthorizeCore(HttpContextBase httpContext)
    {
        var result = base.AuthorizeCore(httpContext);

        if (result)
        {
            if (IsOfficeSelected())
            {
                return true;
            }

            httpContext.Response.RedirectToRoute("OfficeSelection Route");
            httpContext.Response.Flush();
        }

        return false;
    }

    private bool IsOfficeSelected()
    {
        //office selection check
    }
}

Then you need to use this filter instead of the default one:

[OfficeSelectionAuthorize]
public class AccountController : Controller
{
    //action methods
}
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Following from this I now need to understand how to Stash the selected office in the logged on user's Identity. I've asked the question here, stackoverflow.com/questions/29100679/…. Any thoughts?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.