pup*_*eno 5 ajax asp.net-mvc authorize
我有一些授权背后的行动方法,如:
[AcceptVerbs(HttpVerbs.Post), Authorize]
public ActionResult Create(int siteId, Comment comment) {
我遇到的问题是我通过AJAX向Comment/Create with发送请求
X-Requested-With=XMLHttpRequest
这有助于将请求标识为AJAX.当用户未登录并点击授权墙时,它将被重定向到
/Account/LogOn?ReturnUrl=Comment%2fCreate
这打破了AJAX工作流程.我需要被重定向到
/Account/LogOn?X-Requested-With=XMLHttpRequest
有什么想法可以实现吗?有什么方法可以获得对授权请求时会发生什么的更多控制?
感谢刘易斯的评论,我能够达到这个解决方案(这远非完美,发布了我自己的评论,如果你有修复可以随意编辑和删除这个短语),但它的工作原理:
public class AjaxAuthorizeAttribute : AuthorizeAttribute {
override public void OnAuthorization(AuthorizationContext filterContext) {
base.OnAuthorization(filterContext);
// Only do something if we are about to give a HttpUnauthorizedResult and we are in AJAX mode.
if (filterContext.Result is HttpUnauthorizedResult && filterContext.HttpContext.Request.IsAjaxRequest()) {
// TODO: fix the URL building:
// 1- Use some class to build URLs just in case LoginUrl actually has some query already.
// 2- When leaving Result as a HttpUnauthorizedResult, ASP.Net actually does some nice automatic stuff, like adding a ReturnURL, when hardcodding the URL here, that is lost.
String url = System.Web.Security.FormsAuthentication.LoginUrl + "?X-Requested-With=XMLHttpRequest";
filterContext.Result = new RedirectResult(url);
}
}
}
| 归档时间: |
|
| 查看次数: |
5537 次 |
| 最近记录: |