How do you deal with authorisation on actions that return results other than ViewResult?

I am using a custom authorization filter on my ASP.NET MVC controllers that redirects the user to a url other than the login screen if they fail authorisation on a particular action. This is ok for actions that return views, but many of my actions return other result types such as PartialResult or JsonResult. My current filter looks like this: > This indicates that if the user is not in the ServerAccess role then they should be redirected to /Home/Unauthorised/ I am curious how other people are handling this? This seems particularly problematic when you consider the number of actions that are intended to only be called by client-side script AJAX calls. How can the /Home/Unauthorised/ action know whether the caller was intended to receive a view, partialview, json, content, etc?

以上就是How do you deal with authorisation on actions that return results other than ViewResult?的详细内容,更多请关注web前端其它相关文章!

赞(0) 打赏
未经允许不得转载:web前端首页 » JSON 答疑

评论 抢沙发

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址

前端开发相关广告投放 更专业 更精准

联系我们

觉得文章有用就打赏一下文章作者

支付宝扫一扫打赏

微信扫一扫打赏