In my DocType i have a property by the name of "membersOnly" (true/false).
When checked, i want to check, if the user is logged in, if not, redirect to login page with a refere.
But what is the best way to do this - i dont want to have in my Master template. How can i hook into the request pipeline, check if the "membersOnly" field excist, and if it does, and it is checked, and the user is not logged in, redirect the user?
Perhaps you would consider using the default page protection provided by Umbraco. Its based on a custom ASP.Net membership provider and offers you a lot of the functionality you need right out of the box.
I forgot to mention, that in this case, it is by design, that i am not using the built-in way of doing the same thing in the UI. The reason beeing, that the client, wants a simple way of protecting a simple page, without selecting member groups, login page and error page. It has to be a checkbox-option.
How about using your own controller for the page types you want to protect, then you can access that information in the controller and direct to a login page from there?
It depends a little on your strategy for implementing your site, as Marshall suggests you can use your own Controller for Document Types that need to be protected, using 'Route Hijacking' and perhaps a custom Authorise Attribute, so you are not repeating the logic in lots of different hijacked controllers.
and have your logic in your custom controller, and Umbraco will use this to process for all requests...
... and finally... if you don't want to be playing around with controllers, or it would be complex to do so in your solution, there is also an Event called the PublishedContentRequest.Prepared event, that is fired just before Umbraco is considering rendering the page, so this would also be a convenient place, to handle the event, check the logged in status, and the protected checkbox, and redirect unauthorised visitors...
Check if page is marked as protected and redirect to login
In my DocType i have a property by the name of "membersOnly" (true/false).
When checked, i want to check, if the user is logged in, if not, redirect to login page with a refere.
But what is the best way to do this - i dont want to have in my Master template. How can i hook into the request pipeline, check if the "membersOnly" field excist, and if it does, and it is checked, and the user is not logged in, redirect the user?
Any short snippets out there?
Hi Dinovo,
Perhaps you would consider using the default page protection provided by Umbraco. Its based on a custom ASP.Net membership provider and offers you a lot of the functionality you need right out of the box.
https://our.umbraco.com/documentation/Getting-Started/Data/Members/
https://umbraco.tv/videos/umbraco-v7/content-editor/administrative-content/members/
Paul
Hi Paul
Thx for your reply.
I forgot to mention, that in this case, it is by design, that i am not using the built-in way of doing the same thing in the UI. The reason beeing, that the client, wants a simple way of protecting a simple page, without selecting member groups, login page and error page. It has to be a checkbox-option.
How about using your own controller for the page types you want to protect, then you can access that information in the controller and direct to a login page from there?
HI Dinovo
It depends a little on your strategy for implementing your site, as Marshall suggests you can use your own Controller for Document Types that need to be protected, using 'Route Hijacking' and perhaps a custom Authorise Attribute, so you are not repeating the logic in lots of different hijacked controllers.
https://our.umbraco.com/Documentation/Reference/Routing/custom-controllers
or
If you are not hijacking controllers, you can replace Umbracos 'default' RenderMvcController implementation globally:
https://our.umbraco.com/Documentation/Implementation/Default-Routing/Controller-Selection/
and have your logic in your custom controller, and Umbraco will use this to process for all requests...
... and finally... if you don't want to be playing around with controllers, or it would be complex to do so in your solution, there is also an Event called the PublishedContentRequest.Prepared event, that is fired just before Umbraco is considering rendering the page, so this would also be a convenient place, to handle the event, check the logged in status, and the protected checkbox, and redirect unauthorised visitors...
https://our.umbraco.com/Documentation/Reference/Routing/Request-Pipeline/inbound-pipeline https://our.umbraco.com/Documentation/Reference/Routing/Request-Pipeline/published-content-request-preparation
regards
Marc
A very interesting aspected connected to the following message. Thanks for sharing! Will be happy to work with it further.
is working on a reply...