使用自定义错误消息从 AuthorizeCore 重定向到另一个控制器

Redirect from AuthorizeCore to another controller with custom error message

所以我试图向用户显示一条消息,当他从他无权查看的页面重定向时。示例:用户转到 www.mypage.com/users 并被重定向到 www.mypage.com/home.

我使用 MVC 模式,它是 asp.net 网络应用程序。 我覆盖 AuthorizeAttribute 并在 AuthorizeCore 方法中尝试这样做:

protected override bool AuthorizeCore(HttpContextBase httpContext)
        {


            if (false)//Here is custom logic that is working
            {
                string message = "You don't have an access to selected menu item.";
                var dataDict = HttpContext.Current.Session["__ControllerTempData"] as IDictionary<string, object>;
                if (dataDict == null)
                {
                    Dictionary<string, object> dictionary = new Dictionary<string, object>();
                    dictionary["myErrorMessage"] = message;
                    HttpContext.Current.Session["__ControllerTempData"] = dictionary;
                }
                else
                {
                    dataDict["myErrorMessage"] = message;
                    HttpContext.Current.Session["__ControllerTempData"] = dataDict;
                }

                _isAuthorized = false;

                httpContext.Response.Redirect("Home");                
            }
            else
            {
                _isAuthorized = base.AuthorizeCore(httpContext);
            }

            return _isAuthorized;
        }

然后我尝试从视图中访问它

var unauthorized_access_message = TempData["myErrorMessage"] as List <string> ?? new List<string>() ;

但是不行。我也试过 this,但情况并非如此,因为我试图访问一个控制器然后重定向到另一个控制器。 是否有任何解决方案可以将变量传递给视图或检查视图中的某些状态(如重定向原因)?

而不是 AuthorizeCore,您能否覆盖 OnAuthorization,您可以在其中直接从 Controller 访问 TempData

public override void OnAuthorization(AuthorizationContext filterContext)
{
    if (false)
    {
        filterContext.Controller.TempData["myErrorMessage"] =
            "You don't have an access to selected menu item.";
    }
    base.OnAuthorization(filterContext);
}

用法

string unauthorized_access_message = (TempData["myErrorMessage"] ?? "").ToString();

我用Cookie解决了。

在 CustomAuthorizeAttribute:AuthorizeAttribute 中设置 cookie class:

protected override bool AuthorizeCore(HttpContextBase httpContext)
            {

                if (false)
                {
                    HttpCookie mycookie= new HttpCookie("unauthorize_error", "You do not have access to requested link.");
                    httpContext.Response.SetCookie(mycookie);
                    httpContext.Response.Redirect("Home");
                    return false;
                }
                else
                {
                    return base.AuthorizeCore(httpContext);
                }
            }

然后在控制器中:

string cookieValue = string.Empty;
            if (Request.Cookies["myCookieName"] != null
                && !string.IsNullOrEmpty(Request.Cookies["myCookieName"].Value))
            {
                cookieValue = Request.Cookies["myCookieName"].Value;
                var myCookie = new System.Web.HttpCookie("myCookieName");
                myCookie.Expires = System.DateTime.Now.AddDays(-1d);
                Response.Cookies.Add("myCookieName");
            }
var messages = TempData["mytemperror"] as List<string> ?? new List<string>();
            messages.Add(message);
            TempData["myTempError"] = messages;

终于看到了:

var errorMessage = TempData["myTempError"] as List<string> ?? new List<string>();