i have filter class.
public class sessional : actionfilterattribute { public override void onactionexecuting(actionexecutingcontext filtercontext) { httpsessionstatebase session = filtercontext.httpcontext.session; loggeduserinfo user = (loggeduserinfo)session["user"]; if ((user == null && !session.isnewsession) || (session.isnewsession)) { urlhelper urlhelper = new urlhelper(filtercontext.requestcontext); string loginurl = urlhelper.content("~/account/logout"); fauth.abandonsession(); formsauthentication.signout(); filtercontext.httpcontext.response.redirect(loginurl, true); } } } when apply on controller, action logout user if session unavailable. want write attribute allow action work without loggin out, example unsessional.
[authorize] [sessional] public class reportcontroller : controller { [httpget] [unsessional] public actionresult getreport() //unsessional action { return view(); } [httppost] public actionresult getreport(getreportmodel model) //sessional action { if (!modelstate.isvalid) { return view(); } return view(); } }
you can check "unsessionattribute" existance current action, here sample code:
public override void onactionexecuting(actionexecutingcontext filtercontext) { if(filtercontext.actiondescriptor.getcustomattributes(typeof(unsessionattribute), true).length > 0) { return; } httpsessionstatebase session = filtercontext.httpcontext.session; loggeduserinfo user = (loggeduserinfo)session["user"]; if ((user == null && !session.isnewsession) || (session.isnewsession)) { urlhelper urlhelper = new urlhelper(filtercontext.requestcontext); string loginurl = urlhelper.content("~/account/logout"); fauth.abandonsession(); formsauthentication.signout(); filtercontext.httpcontext.response.redirect(loginurl, true); } } 
Comments
Post a Comment