/// <summary> /// Puts the BaseUrl and Culture into the ViewBag for all controllers /// </summary> /// <param name="filterContext"></param> protected override void OnActionExecuting(ActionExecutingContext filterContext) { base.OnActionExecuting(filterContext); ViewBag.OperatorSession = OperatorSession; ViewBag.BaseUrl = BaseUrl; ViewBag.Culture = System.Threading.Thread.CurrentThread.CurrentUICulture.Name; if (ClientLicenses.ActiveClientLicense == null || !ClientLicenses.ActiveClientLicense.IsValidLicense) { ViewBag.ShowMenu = false; NotValidLicense(filterContext); return; } ModalMessageHelper.GetInstance().ResetAcknowledgments(); // CheckExpiration(); // no need to do it on every call //ViewBag.ModalMessageHelper = null; CheckAssignoThresholdViews(); } private void NotValidLicense(ActionExecutingContext filterContext) { string invalidLicensePath = "importlicenses"; string currentUrl = Path.GetFileName(Request.Url.AbsolutePath); if (currentUrl.ToLower() != invalidLicensePath) { filterContext.Result = new RedirectResult(@"~/DataMaintenance/ImportLicenses"); } }and here is what we currently have in the Authentication attribute:
public void OnAuthorization(AuthorizationContext filterContext) { var authToken = GetAuthToken(filterContext); if (String.IsNullOrEmpty(authToken)) { NotAuthorized(filterContext); return; } var authenticationProvider = _authenticationProviderFactory.GetService(); var sessionResponse = authenticationProvider.IsValidSession(authToken); if (sessionResponse.IsValidSession) { if (sessionResponse.MustChangePassword) { MustChangePassword(filterContext); return; } var userSession = sessionResponse.OperatorSession; if (_rights.Any()) { foreach (var right in _rights) { if (!userSession.DoesUserHaveRight(right)) { NotAllowed(filterContext); } } } SetAuthTimeoutCookie(filterContext, authenticationProvider.LockTime); } else { NotAuthorized(filterContext); } }Do you think I should have tried to hook there instead? I think I tried that first but was getting some weird behavior. What would you suggest?