0

I use AuthorzieAttribute for authentication and authorization in my web application. How do I change HandleUnauthorizedRequest method that is compatible with the principle of inversion of control (IOC)?

public class AuthorizeUser : AuthorizeAttribute
{
    protected override bool AuthorizeCore(HttpContextBase httpContext)
    {
        return SessionContext.GetCurrentUser() != null ? true : false;
    }
    protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
    {
        filterContext.Result = new RedirectToRouteResult(
                    new RouteValueDictionary(
                        new
                        {
                            returnUrl = filterContext.HttpContext.Request.Url,
                            Area = "",
                            controller = "Account",
                            action = "Login"
                        })
                    );
    }
}
hossein sedaghat
  • 19
  • 7
  • To start, relying on abstractions instead of implementation is a big part of IoC. You can then use configuration to determine which concrete classes implement your abstractions. Take a look here for some more info: http://stackoverflow.com/questions/770039/examples-of-ioc-containers – awh112 Feb 02 '17 at 20:26
  • [this](https://www.cuttingedge.it/blogs/steven/pivot/entry.php?id=98) may help – qujck Feb 02 '17 at 21:00
  • You can only use ***Property Injection*** in filter. Where do you get stuck exactly? – Win Feb 02 '17 at 22:37
  • I've created a new object in the HandleUnauthorizedRequest method(RedirectToRouteResult , RouteValueDictionary).I instead I use dependency injection.How can I do this? – hossein sedaghat Feb 03 '17 at 16:52

1 Answers1

0

Answer:

protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
     filterContext.HttpContext.Response.RedirectToRoute(new { controller = "Account", action = "Login", returnUrl = filterContext.HttpContext.Request.Url });
}
hossein sedaghat
  • 19
  • 7