Authorize attribute for ajax requests in asp.net MVC 4

I have an action method, and I post to it using ajax as follows:

$.ajax({
    url: "/GetSearchCriteria",
    type: "GET",   // this is required
    cache: false,  // this is for IE
    contentType: "application/json; charset=utf-8",
    dataType: "json",
    data: {
        VehicleId: vehicleId
    }
}).done(function (data) {
    debugger;
    $('#myModal').modal('show');
});
I defined the action method as follows:

[AjaxAuthorize]
[GET("GetSearchCriteria")]
public ActionResult GetSearchCriteria(VehicleSearchModel model)
{
    return Json(model, JsonRequestBehavior.AllowGet);
}
And the method that authorizes the ajax request, as follows:

public class AjaxAuthorizeAttribute : AuthorizeAttribute
{
    protected override void HandleUnauthorizedRequest(AuthorizationContext context)
    {
        if (context.HttpContext.Request.IsAjaxRequest())
        {
            var urlHelper = new UrlHelper(context.RequestContext);
            context.HttpContext.Response.StatusCode = 403;
            context.Result = new JsonResult
            {
                Data = new
                {
                    Error = "NotAuthorized",
                    LogOnUrl = "/Login" //urlHelper.Action("LogOn", "Account")
                },
                JsonRequestBehavior = JsonRequestBehavior.AllowGet
            };
        }
        else
        {
            base.HandleUnauthorizedRequest(context);
        }
    }
}
And then the JavaScript code:

$(function () {
    $(document).ajaxError(function (e, xhr) {
        debugger;
        if (xhr.status == 403) {
            var response = $.parseJSON(xhr.responseText);
            window.location = response.LogOnUrl;
        }
    });
});
1) I see that in most cases this authorize attribute is not hit.
2) Even when it is hit, the user is redirected to the logon page, but no return url is appended to the url.
3) Any user can log in (even if he is not authorized to log in. I only want users with the Customer role to log in; otherwise, redirect them to an unauthorized page).


Please suggest how to do this.

Add AttributeUsage to your class:

[AttributeUsage(AttributeTargets.Method | AttributeTargets.Class,
                AllowMultiple = false, Inherited = true)]
public class AjaxAuthorizeAttribute : AuthorizeAttribute { ... }

Make sure you don't have a regular [Authorize] attribute at the controller level, because if you do, your custom [AjaxAuthorize] will not be hit.
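As an added example (not code from the question or the answer above), here is a version of the attribute that combines the AttributeUsage declaration from the answer with the two things the question asks for: a Customer-only role check, done through the Roles property the base AuthorizeAttribute already provides, and a returnUrl on the login link handed back to AJAX callers. It also separates "not logged in" from "logged in but not in the role", so the client can send the first group to the login page and the second to an unauthorized page instead of looping back to the login form. The controller and action names (Account/Login, Home/Unauthorized), the Customer role name, the SearchController and the VehicleSearchModel shape are assumptions; the 403 status for AJAX follows the question's convention, because with Forms authentication a 401 is rewritten by the FormsAuthentication module into a 302 to the login page, which an XMLHttpRequest follows silently and then fails to parse as JSON.

```csharp
using System;
using System.Web;
using System.Web.Mvc;

// Assumed model shape for this example.
public class VehicleSearchModel
{
    public int VehicleId { get; set; }
}

// Added example, not the question's or the answer's own code.
// Authorizes both normal and AJAX requests; for AJAX it answers with JSON
// instead of the HTML login redirect the base attribute would produce.
[AttributeUsage(AttributeTargets.Method | AttributeTargets.Class,
                AllowMultiple = false, Inherited = true)]
public class AjaxAuthorizeAttribute : AuthorizeAttribute
{
    // Route names are assumptions for this example.
    private const string LoginAction = "Login";
    private const string LoginController = "Account";
    private const string DeniedAction = "Unauthorized";
    private const string DeniedController = "Home";

    protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
    {
        var httpContext = filterContext.HttpContext;
        var request = httpContext.Request;
        var urlHelper = new UrlHelper(filterContext.RequestContext);

        // Hand the client the resource it actually asked for (RawUrl, not the Referer header)
        // so the login page can send it back there after a successful sign-in.
        string returnUrl = request.RawUrl;
        string loginUrl = urlHelper.Action(LoginAction, LoginController, new { returnUrl = returnUrl });
        string deniedUrl = urlHelper.Action(DeniedAction, DeniedController);

        // The base class calls this both for anonymous users and for authenticated users
        // who fail the Roles/Users check. Telling the two apart stops the client from pushing
        // an already-logged-in user back to the login form over and over.
        bool isAuthenticated = httpContext.User != null
                               && httpContext.User.Identity != null
                               && httpContext.User.Identity.IsAuthenticated;

        if (request.IsAjaxRequest())
        {
            // 403 rather than 401 so the FormsAuthentication module does not turn the
            // response into a 302 redirect that the XMLHttpRequest would follow.
            httpContext.Response.StatusCode = 403;
            filterContext.Result = new JsonResult
            {
                Data = new
                {
                    Error = isAuthenticated ? "Forbidden" : "NotAuthenticated",
                    RedirectUrl = isAuthenticated ? deniedUrl : loginUrl
                },
                JsonRequestBehavior = JsonRequestBehavior.AllowGet
            };
            return;
        }

        if (isAuthenticated)
        {
            // Logged in but not in the required role: unauthorized page, not the login page.
            filterContext.Result = new RedirectResult(deniedUrl);
        }
        else
        {
            // Anonymous: let the base attribute issue the normal login redirect,
            // which Forms authentication decorates with ReturnUrl on its own.
            base.HandleUnauthorizedRequest(filterContext);
        }
    }
}

// Assumed controller: only users in the Customer role may call this action.
public class SearchController : Controller
{
    [AjaxAuthorize(Roles = "Customer")]
    public ActionResult GetSearchCriteria(VehicleSearchModel model)
    {
        return Json(model, JsonRequestBehavior.AllowGet);
    }
}
```

On the client, the ajaxError handler from the question then reads RedirectUrl from the 403 body and assigns it to window.location, so an anonymous caller lands on the login page with returnUrl set and a logged-in caller in the wrong role lands on the unauthorized page. The answer's warning about a controller-level [Authorize] holds here too: authorization filters run in scope order (global, then controller, then action), and once the controller-level one sets a Result the action-level [AjaxAuthorize] is never reached, which is also why an attribute that "is not hit" is worth checking for a plain [Authorize] further up.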

When the attribute is not hit, is it an Ajax request or a normal request?