Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at

  • Dinovo 7 posts 87 karma points
    Aug 10, 2018 @ 14:53

    Check if page is marked as protected and redirect to login

    In my DocType i have a property by the name of "membersOnly" (true/false).

    When checked, i want to check, if the user is logged in, if not, redirect to login page with a refere.

    But what is the best way to do this - i dont want to have in my Master template. How can i hook into the request pipeline, check if the "membersOnly" field excist, and if it does, and it is checked, and the user is not logged in, redirect the user?

    Any short snippets out there?

  • Paul Tilsed 26 posts 179 karma points c-trib
    Aug 10, 2018 @ 15:04
    Paul Tilsed

    Hi Dinovo,

    Perhaps you would consider using the default page protection provided by Umbraco. Its based on a custom ASP.Net membership provider and offers you a lot of the functionality you need right out of the box.


  • Dinovo 7 posts 87 karma points
    Aug 10, 2018 @ 15:20

    Hi Paul

    Thx for your reply.

    I forgot to mention, that in this case, it is by design, that i am not using the built-in way of doing the same thing in the UI. The reason beeing, that the client, wants a simple way of protecting a simple page, without selecting member groups, login page and error page. It has to be a checkbox-option.

  • Marshall Penn 37 posts 175 karma points
    Oct 11, 2019 @ 15:48
    Marshall Penn

    How about using your own controller for the page types you want to protect, then you can access that information in the controller and direct to a login page from there?

  • Marc Goodson 1195 posts 8024 karma points MVP 5x c-trib
    Oct 12, 2019 @ 09:04
    Marc Goodson

    HI Dinovo

    It depends a little on your strategy for implementing your site, as Marshall suggests you can use your own Controller for Document Types that need to be protected, using 'Route Hijacking' and perhaps a custom Authorise Attribute, so you are not repeating the logic in lots of different hijacked controllers.


    If you are not hijacking controllers, you can replace Umbracos 'default' RenderMvcController implementation globally:

    and have your logic in your custom controller, and Umbraco will use this to process for all requests...

    ... and finally... if you don't want to be playing around with controllers, or it would be complex to do so in your solution, there is also an Event called the PublishedContentRequest.Prepared event, that is fired just before Umbraco is considering rendering the page, so this would also be a convenient place, to handle the event, check the logged in status, and the protected checkbox, and redirect unauthorised visitors...



  • PamelaBrown 3 posts 73 karma points
    Oct 14, 2019 @ 19:11

    A very interesting aspected connected to the following message. Thanks for sharing! Will be happy to work with it further.

Please Sign in or register to post replies

Write your reply to: