How to create a custom attributes that derive from AuthorizeAttribute?

Question

After a user has create an account, he/she needs to create a profile where he/she submits some information that will be used letter. I have 2 such controllers that need information from the user's profile.

I'm trying to create an attribute that will check whether the user has already created the profile before letting him access any action methods. If not, the user should be redirected to the profile page.

public class NotAuthorizedWithoutProfileAttribute : AuthorizeAttribute
{
    protected override bool AuthorizeCore(HttpContextBase httpContext)
    {
        var userName = httpContext.Profile.UserName;
        var repository = new OWRepository();
        var userInfo = repository.GetUserInfo(userName);

        if (userInfo == null)
            return false;
        else
            return true;
    }
}

The problem I am having is the concerning the userName, i.e. the following line

var userName = httpContext.Profile.UserName;

Why is it giving null? Yet this is how I've getting the logged user's name.

Answer 1

I don't know what Your profile configuration is but it's safest to use HttpContextBase.User.Identity.Name to get user name.

Also consider changing your class name to something shorter but also meaningful like RequireProfileAttribute.