ASP。NET MVC强制一个AJAX请求被重定向到登录页面,当模板会话不再活动时。

时间:2022-10-07 16:50:36

I have some AJAX calls that render PartialViewResults via the jQuery.AJAX method. This works great, I get my views rendered exactly the way I want.

我有一些AJAX调用,通过jQuery渲染部分viewresults。AJAX方法。这很好,我得到了我想要的视图。

The problem arises when I leave the page up for a while and the Forms auth session expires. When I click an action that performs an AJAX request, it shows the login page in my div.

当我将页面向上放置一段时间并且表单auth会话过期时,问题就出现了。当我单击执行AJAX请求的操作时,它会在我的div中显示登录页面。

I want it to redirect the WHOLE page to the login page.

我希望它将整个页面重定向到登录页面。

3 个解决方案

#1

23  

Set it up in the Application_EndRequest() method of the Global.asax

在Global.asax的Application_EndRequest()方法中设置它

You can check to see if the request is an ajax request and also check if it is sending an HTTP redirect (302) if it is, then we actuall want to send a 401.

您可以检查请求是否是ajax请求,也可以检查它是否正在发送HTTP重定向(302),如果是,那么我们实际上都想发送401。

protected void Application_EndRequest() {
            var context = new HttpContextWrapper(Context);
            // If we're an ajax request, and doing a 302, then we actually need to do a 401
            if (Context.Response.StatusCode == 302 && context.Request.IsAjaxRequest()) {
                Context.Response.Clear();
                Context.Response.StatusCode = 401;
            }
        }

Then in your client code, in a globally accessible area:

然后在您的客户端代码中,在全局可访问的区域:

MyNamespace.handleAjaxError = function (XMLHttpRequest, textStatus, errorThrown) {
    if (XMLHttpRequest.status == 401) {
        // perform a redirect to the login page since we're no longer authorized
        window.location.replace("logout path");
    }    
    } else {
        MyNamespace.displayGeneralError();
    }
};

  $.ajax({
  type: "GET",
  url: userAdmin.addUserActionUrl,
  success: userAdmin.createUserEditorDialog,
  error: MyNamespace.handleAjaxError
 });

#2

1  

With current versions of ASP.NET MVC there is a much easier solution to fix this issue: Response.SuppressFormsAuthenticationRedirect.

与当前版本的ASP。NET MVC有一个更简单的解决方案来解决这个问题:response.efsformsauthenticationredirect。

You can apply this in your Global.asax.cs:

你可以在你的Global.asax.cs:

protected void Application_BeginRequest(object sender, EventArgs e)
{
    HttpContextWrapper context = new HttpContextWrapper(this.Context);

    if (context.Request.IsAjaxRequest())
    {
        context.Response.SuppressFormsAuthenticationRedirect = true;
    }
}

#3

0  

When I have FormsAuthentication in place, I will include the Login URL in the answer https://*.com/a/3431350/1559213 provided by @Chris Kooken

当我有了FormsAuthentication之后,我将在@Chris Kooken提供的答案https://*.com/a/3431350/1559213中包含登录URL

protected void Application_EndRequest()
    {

        var context = new HttpContextWrapper(Context);
        // If we're an ajax request, and doing a 302, then we actually need to do a 401
        if (Context.Response.StatusCode == 302 && context.Request.IsAjaxRequest() && 
            Context.Response.RedirectLocation.Contains(FormsAuthentication.LoginUrl))
        {
            Context.Response.Clear();
            Context.Response.StatusCode = 401;
        }
    }

#1

23  

Set it up in the Application_EndRequest() method of the Global.asax

在Global.asax的Application_EndRequest()方法中设置它

You can check to see if the request is an ajax request and also check if it is sending an HTTP redirect (302) if it is, then we actuall want to send a 401.

您可以检查请求是否是ajax请求,也可以检查它是否正在发送HTTP重定向(302),如果是,那么我们实际上都想发送401。

protected void Application_EndRequest() {
            var context = new HttpContextWrapper(Context);
            // If we're an ajax request, and doing a 302, then we actually need to do a 401
            if (Context.Response.StatusCode == 302 && context.Request.IsAjaxRequest()) {
                Context.Response.Clear();
                Context.Response.StatusCode = 401;
            }
        }

Then in your client code, in a globally accessible area:

然后在您的客户端代码中,在全局可访问的区域:

MyNamespace.handleAjaxError = function (XMLHttpRequest, textStatus, errorThrown) {
    if (XMLHttpRequest.status == 401) {
        // perform a redirect to the login page since we're no longer authorized
        window.location.replace("logout path");
    }    
    } else {
        MyNamespace.displayGeneralError();
    }
};

  $.ajax({
  type: "GET",
  url: userAdmin.addUserActionUrl,
  success: userAdmin.createUserEditorDialog,
  error: MyNamespace.handleAjaxError
 });

#2

1  

With current versions of ASP.NET MVC there is a much easier solution to fix this issue: Response.SuppressFormsAuthenticationRedirect.

与当前版本的ASP。NET MVC有一个更简单的解决方案来解决这个问题:response.efsformsauthenticationredirect。

You can apply this in your Global.asax.cs:

你可以在你的Global.asax.cs:

protected void Application_BeginRequest(object sender, EventArgs e)
{
    HttpContextWrapper context = new HttpContextWrapper(this.Context);

    if (context.Request.IsAjaxRequest())
    {
        context.Response.SuppressFormsAuthenticationRedirect = true;
    }
}

#3

0  

When I have FormsAuthentication in place, I will include the Login URL in the answer https://*.com/a/3431350/1559213 provided by @Chris Kooken

当我有了FormsAuthentication之后,我将在@Chris Kooken提供的答案https://*.com/a/3431350/1559213中包含登录URL

protected void Application_EndRequest()
    {

        var context = new HttpContextWrapper(Context);
        // If we're an ajax request, and doing a 302, then we actually need to do a 401
        if (Context.Response.StatusCode == 302 && context.Request.IsAjaxRequest() && 
            Context.Response.RedirectLocation.Contains(FormsAuthentication.LoginUrl))
        {
            Context.Response.Clear();
            Context.Response.StatusCode = 401;
        }
    }
标签:

相关文章