Asp.net mvc 防止执行和筛选操作_Asp.net Mvc

Asp.net mvc 防止执行和筛选操作

asp.net-mvc

Asp.net mvc 防止执行和筛选操作,asp.net-mvc,Asp.net Mvc,我有这个过滤类 public class Sessional : ActionFilterAttribute { public override void OnActionExecuting(ActionExecutingContext filterContext) { HttpSessionStateBase session = filterContext.HttpContext.Session;

我有这个过滤类

 public class Sessional : ActionFilterAttribute
    {    
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            HttpSessionStateBase session = filterContext.HttpContext.Session;
            LoggedUserInfo user = (LoggedUserInfo)session["User"];

            if ((user == null && !session.IsNewSession) || (session.IsNewSession))
            {
                UrlHelper urlHelper = new UrlHelper(filterContext.RequestContext);
                string loginUrl = urlHelper.Content("~/Account/LogOut");
                FAuth.AbandonSession();
                FormsAuthentication.SignOut();
                filterContext.HttpContext.Response.Redirect(loginUrl, true);
            }
        }
    }

当我在控制器上应用它时，如果会话不可用，所有操作都将注销用户。但我想写一个属性，它允许唯一的操作在不注销的情况下执行其工作，例如UnSessional

 [Authorize] 
    [Sessional]
    public class ReportController : Controller
    {
        [HttpGet] 
        [UnSessional]
        public ActionResult GetReport() //unsessional action
        {
            return View();
        }

        [HttpPost]
        public ActionResult GetReport(GetReportModel model) //sessional action
        {
            if (!ModelState.IsValid)
            {
                return View();
            }
            return View();
        }
    }

您可以检查当前操作是否存在“UnSessionAttribute”，以下是示例代码：

 public override void OnActionExecuting(ActionExecutingContext filterContext)
        {

            if(filterContext.ActionDescriptor.GetCustomAttributes(typeof(UnSessionAttribute), true).Length > 0)
            {
                  return;
            }

            HttpSessionStateBase session = filterContext.HttpContext.Session;
            LoggedUserInfo user = (LoggedUserInfo)session["User"];

            if ((user == null && !session.IsNewSession) || (session.IsNewSession))
            {
                UrlHelper urlHelper = new UrlHelper(filterContext.RequestContext);
                string loginUrl = urlHelper.Content("~/Account/LogOut");
                FAuth.AbandonSession();
                FormsAuthentication.SignOut();
                filterContext.HttpContext.Response.Redirect(loginUrl, true);
            }
        }