創建過濾器
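/// <summary>
/// Authorization filter that answers an unauthorized AJAX request with a JSON
/// error payload, and defers every other unauthorized request to the default
/// <see cref="AuthorizeAttribute"/> handling.
/// </summary>
public class BasicAjaxAuthAttribute : AuthorizeAttribute
{
    /// <summary>
    /// Called when the authorization check has failed for the current request.
    /// </summary>
    /// <param name="filterContext">Context of the request that failed authorization.</param>
    protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
    {
        if (IsAjaxRequestAndNonExistsSession(filterContext))
        {
            AlertMessage(filterContext);
            return;
        }

        // Fail closed: if this override leaves filterContext.Result unset, the
        // pipeline sees no short-circuit result and goes on to execute the
        // action for a caller that failed authorization. Delegating to the base
        // class keeps the framework's default unauthorized response.
        base.HandleUnauthorizedRequest(filterContext);
    }

    /// <summary>
    /// Returns true when the request is an AJAX request and the context has no session object.
    /// </summary>
    /// <param name="filterContext">Context of the request being checked.</param>
    private bool IsAjaxRequestAndNonExistsSession(AuthorizationContext filterContext)
    {
        // NOTE(review): Session is normally non-null whenever session state is
        // enabled, even after the login has expired, so this condition may
        // rarely hold; confirm whether a login marker stored in the session
        // was the intended check.
        return filterContext.HttpContext.Request.IsAjaxRequest() && filterContext.HttpContext.Session == null;
    }

    /// <summary>
    /// Sets the request result to a JSON-serialized <c>AjaxResult</c> in the
    /// error state, carrying a "please log in again" message for the client.
    /// </summary>
    /// <param name="filterContext">Context whose <c>Result</c> is replaced.</param>
    private void AlertMessage(AuthorizationContext filterContext)
    {
        ContentResult errorResult = new ContentResult();
        errorResult.Content = new AjaxResult { state = ResultType.error.ToString(), message = "長時間未操作,請重新登錄。" }.ToJson();
        filterContext.Result = errorResult;
    }
}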
應用在Action方法上
// Usage example: decorating the action with [BasicAjaxAuth] applies the filter to this action.
// NOTE(review): the filter only covers the authorization check. A state-changing
// action such as this one would normally also be limited to POST ([HttpPost]) and
// carry anti-forgery validation ([ValidateAntiForgeryToken]); neither is shown in
// this snippet, so confirm against the real controller.
[BasicAjaxAuth]
public ActionResult DeleteUser(string userId)
{
...
}