我怎么可能最好使用[授权]属性使用Ajax和部分看法？ [英] How may I best use the [Authorize] attribute with Ajax and Partial Views?

问题描述

我正要使用 [授权] 上，通过Ajax的返回局部视图操作;但我没有得到的行为我想（虽然它的行为我预期）。

I was about to use [Authorize] on Actions that return partial views through Ajax; but I'm not getting the behavior I'd like (although its the behavior I expected).

这似乎是一个长镜头;但是，有什么办法来扩展这个属性为突围AJAX调用和整个页面重定向到登录界面？ （相对于返回登录屏幕的任何位置，我给自己定UpdateTargetId？）

It seems like a long shot; but, is there any way to extend this attribute to "break out" of an AJAX call and redirect the entire page to the login screen? (As opposed to returning the login screen to whatever location I've set UpdateTargetId?)

我想我有，我怎么会做这样在每一个特定的Ajax调用的处理，但如果我能以某种方式集中这一点，它会节省大量的code ...

I think I have a handle on how I'd do this on each of the specific Ajax calls, but if I could centralize this somehow, it'd save a lot of code...

推荐答案

AuthorizeAttribute不会为你做这一点，但您就可以集中code。创建一个新的属性，它返回HTTP状态code 401（未授权）时，当前没有用户登录是在你的Site.Master引用的JavaScript文件，处理jQuery的$ .ajaxError事件。查找HTTP 401响应状态code和重定向到通过JavaScript您的登录页面。现在，任何Ajax调用，您通过jQuery做最终会在这里，如果当前未授权用户。

AuthorizeAttribute won't do this for you, but you can centralize your code. Create a new attribute which returns http status code 401 (not authorized) when no user is currently logged in. In a JavaScript file referenced by your site.master, handle the jQuery $.ajaxError event. Look for http 401 in the response status code and redirect to your login page via JavaScript. Now any Ajax call which you make via jQuery will end up here if the current user is not authorized.

这篇关于我怎么可能最好使用[授权]属性使用Ajax和部分看法？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！