I use AuthorzieAttribute for authentication and authorization in my web application. How do I change HandleUnauthorizedRequest method that is compatible with the principle of inversion of control (IOC)?
public class AuthorizeUser : AuthorizeAttribute
{
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
return SessionContext.GetCurrentUser() != null ? true : false;
}
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
filterContext.Result = new RedirectToRouteResult(
new RouteValueDictionary(
new
{
returnUrl = filterContext.HttpContext.Request.Url,
Area = "",
controller = "Account",
action = "Login"
})
);
}
}
Answer:
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
filterContext.HttpContext.Response.RedirectToRoute(new { controller = "Account", action = "Login", returnUrl = filterContext.HttpContext.Request.Url });
}