custom authorize attribute not working

https://stackoverflow.com/questions/20330949

authorize-attribute

07-08-2022
|

Question

I am using asp.net mvc4 and facing problem while creating custom authorize attribute. The problem i am facing is that it keep coming on this "OnAuthorization" function and not redirecting to appropriate area.

This is what i am trying to do:-

This is my custom authorize attribute:-

public class BusinessAuthorizeFilter:IAuthorizationFilter
{
    public void OnAuthorization(AuthorizationContext filterContext)
    {
        // if action or its controller has AllowAnonymousAttribute do nothing
        if filterContext.ActionDescriptor.IsDefined(typeof(AllowAnonymousAttribute),
           true) ||filterContext.ActionDescriptor.ControllerDescriptor.IsDefined
           (typeof(AllowAnonymousAttribute), true))
            return;


         if (!filterContext.HttpContext.User.Identity.IsAuthenticated)
        {
            RedirectToArea("Login", "Account", "");
            return;
        }



         if (filterContext.HttpContext.User.Identity.IsAuthenticated)
        {

          if (filterContext.HttpContext.User.IsInRole("Owner"))
              route = new RouteValueDictionary{  {"action", "Index"},
                                                 {"controller", "HomeAdmin"},
                                                  {"area", "Admin"}
                                              }
          else if (filterContext.HttpContext.User.IsInRole("Agent"))
               route = new RouteValueDictionary{  {"action", "Index"},
                                                 {"controller", "HomeAgent"},
                                                  {"area", "Agent"}
                                              }

           else
               route = new RouteValueDictionary{  {"action", "Index"},
                                                 {"controller", "HomeSalesRep"},
                                                  {"area", "SalesRep"}
                                              }

              }

         filterContext.Result = new RedirectToRouteResult(route);
}

Please let me know how to make it work.

Thanks in advance.

Solution

i got my code working with below thing(although have some question which i'll post as other question):-

 public override void OnAuthorization(AuthorizationContext filterContext)
    {
         // if action or its controller has AllowAnonymousAttribute do nothing
        if (filterContext.ActionDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true) ||
            filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true))
            return;

        bool isAuthorize = base.AuthorizeCore(filterContext.HttpContext);

        if (!isAuthorize==true)
        {
            var result = new ViewResult();
            result.ViewName = "../Error/Unauthorized";
            filterContext.Result = result;
            return;
        }
}

Actually instead of redirecting user here, i simply check whether he's an authorized user or not.

Licensed under: CC-BY-SA with attribution

Not affiliated with StackOverflow