Custom Authorize Attribute on SurfaceController Can't Perform Redirect on Child Action
Hopefully I'm not the only person to come up against this but it does relate to a v6 install and not v7.
I have a surface controller which is decorated with a custom AuthorizeAttribute EulaAuthorizeAttribute which basically checks that the logged in user has accepted a EULA for the site before they can enter any of the restricted actions on the site.
I am overriding the HandleUnauthorizedRequest(AuthorizationContext filterContext) method and wanting to redirect users to their "My Account" page in order to read and accept the EULA. The method looks as follows:
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
if (!filterContext.HttpContext.User.Identity.IsAuthenticated)
{
// Returns HTTP 401
filterContext.Result = new HttpUnauthorizedResult();
}
else
{
var myAccountPage = uQuery.GetNodesByType("MyAccount").FirstOrDefault();
var player = this.PlayerService.GetByUsername(filterContext.HttpContext.User.Identity.Name);
if (myAccountPage != null)
{
filterContext.Result = new RedirectToUmbracoPageResult(myAccountPage.Id);
}
else
{
if (!player.Active)
throw HttpError.Unauthorized("You must activate your account in order to use the site.");
throw HttpError.Unauthorized("EULA must have been accepted in order to use this site!");
}
}
}
The redirect would actually happen but it is throwing an exception under the hood saying "Cannot redirect after HTTP headers have been sent.". To get around this I tried changing the line as follows:
filterContext.Result = new RedirectResult(myAccountPage.Url);
It is at this point I get the exception. "Cannot redirect from a Child Action". I understand the reasons why this exception is thrown however I'm not entirely sure how to work around this issue.
ActionFilterAttribute appears to inherit from the same base types as the AuthorizeAttribute, namely FilterAttribute and IActionFilter. I really need the redirect as opposed to throwing a 404 as its not appropriate in this scenario. The problem here I think is that Umbraco starts sending the view before the child action is called, the filter somehow needs to be applied earlier in the lifecycle. If this wasn't in Umbraco I could return a View I think but in this scenario would render my view without the Umbraco page template.
I will however give your example a go but expect the same result unfortunately.
Custom Authorize Attribute on SurfaceController Can't Perform Redirect on Child Action
Hopefully I'm not the only person to come up against this but it does relate to a v6 install and not v7.
I have a surface controller which is decorated with a custom AuthorizeAttribute
EulaAuthorizeAttributewhich basically checks that the logged in user has accepted a EULA for the site before they can enter any of the restricted actions on the site.I am overriding the
HandleUnauthorizedRequest(AuthorizationContext filterContext)method and wanting to redirect users to their "My Account" page in order to read and accept the EULA. The method looks as follows:Originally I was doing the following:
The redirect would actually happen but it is throwing an exception under the hood saying "Cannot redirect after HTTP headers have been sent.". To get around this I tried changing the line as follows:
It is at this point I get the exception. "Cannot redirect from a Child Action". I understand the reasons why this exception is thrown however I'm not entirely sure how to work around this issue.
Any ideas anyone?
Thanks, Simon
Simon,
Not sure if this helps, I created custom action filter looks like
public class NotFacebookUser:ActionFilterAttribute { public override void OnActionExecuting(ActionExecutingContext filterContext) { if (HttpContext.Current.User.Identity.IsAuthenticated && WebHelper.IsFaceBookUser()) { //var umbracoService = ServiceFactory.GetUmbracoService(null); filterContext.Result = new HttpNotFoundResult(); //filterContext.Result = new RedirectResult(umbracoService.GetSiteNode().Url); } else { base.OnActionExecuting(filterContext); } } }Although i did page not found as i think i was getting same issue as you
ActionFilterAttributeappears to inherit from the same base types as the AuthorizeAttribute, namelyFilterAttributeandIActionFilter. I really need the redirect as opposed to throwing a 404 as its not appropriate in this scenario. The problem here I think is that Umbraco starts sending the view before the child action is called, the filter somehow needs to be applied earlier in the lifecycle. If this wasn't in Umbraco I could return a View I think but in this scenario would render my view without the Umbraco page template.I will however give your example a go but expect the same result unfortunately.
Cheers, Simon
Hi Ismail, I've tested this and unfortunately as suspected got the same result.
Thanks anyway.
Simon
Simon,
Thought you might, hence i have the code commented out, in fact im sure i asked question about it on our?
Regards
Ismail
is working on a reply...