TechQA.

HandleUnauthorizedRequest for partial view redirects and adds new view at bottom of page

742 views Asked by At

It's a little hard to explain in the tittle. Basically I have a MVC app that has a shared View. The shared view is the header, then I have views that load in it depending on which tab the user picks.

My problem is the following:

The enclosed view has a grid that the user can click on and get details from. The details page is a partial view. I'm trying to apply MVC security filters and redirect to the login page whenever a session expires. I have a custom class that overrides HandleUnauthorizedRequest. 

using System;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using System.Web.Routing;
using System.Web.Security;
using PortalAPI.SPModels;
using SICommon.Enums;
using SICommon.LoggingOperations;

namespace Portal.Security {
    public class AuthorizedUser : AuthorizeAttribute {
        public bool IsAuthorized { get; set; }

        protected override bool AuthorizeCore(HttpContextBase httpContext) {
            var sessionHash = Convert.FromBase64String(httpContext.Request.Cookies.Get("hash")?.Value);

            if (sessionHash == null)
                return this.IsAuthorized = false;

            if (TransmitToSP.TransmitAPIRequest<APIRequest, SICommon.CommonModels.APIResponse>(
                new APIRequest() {
                    UserRole = (UserRole)((CustomPrincipal)httpContext.User)?.CustomIdentity?.UserRoles[0],
                    SessionHash = sessionHash,
                    RequestStartTime = DateTime.UtcNow,
                    CallerMethod = "AuthorizeCore"
                }, "ValidateSession").ErrorCode == 24) {

                if (httpContext.Request.Cookies.AllKeys.Contains("hash")) {
                    FormsAuthentication.SignOut();
                    HttpContext.Current.Request.Cookies.Remove("hash");
                    return this.IsAuthorized = false;
                }
            }
            return this.IsAuthorized = true;
        }

        protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext) {
            filterContext.Result = new RedirectToRouteResult(
                new RouteValueDictionary(
                    new {
                        controller = "Account",
                        action = "Login"
                    }
                )
            );
            base.HandleUnauthorizedRequest(filterContext);
        }
    }
}

My main class code:

namespace Portal.Controllers {
    [AuthorizedUser(IsAuthorized = true)]
    public class RequestsController : Controller {

       public PartialViewResult GetDetails(){
         return PartialView("_DetailsPartial", 
                 new DetailsModel {
                       RequestToDisplay = requestToDisplay
                 }
                );
       }
     }
  }

Main view and partial view

The redirect loads under the partial view. Trying to fix this to make it load on the main view only.

I noticed that the view is getting embedded in the main view. The redirect is getting inserted between the header and footer.

c# asp.net-mvc asp.net-mvc-partialview authorize-attribute asp.net-mvc-filters
Original Q&A
0

There are 0 answers

Related Questions in C#

Related Questions in ASP.NET-MVC

Related Questions in ASP.NET-MVC-PARTIALVIEW

Related Questions in AUTHORIZE-ATTRIBUTE

Related Questions in ASP.NET-MVC-FILTERS

Popular Questions

Trending Questions