I’ve found a bug in our application caused when the user’s authentication ticket expires.
The controller is decorated with the Authorize attribute but we were doing some initialization of variables in the controller’s constructor which relied on the user being authenticated.
So where would be the best place to move this initialization code to such that it is not executed if the user is not authenticated (and therefore they will be redirected to the login page)? OnAuthorization?
You could write a custom AuthorizeAttribute and perform it inside the AuthorizeCore method (after calling the base method and ensuring that it returned true).
Another possibility is to write a custom model binder to some model which will initialize it and then your controller actions could take this model as argument.
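A sketch of the first suggestion, added here as an example and not code from the original posts. It assumes classic ASP.NET MVC (System.Web.Mvc); `UserContext`, `InitializingAuthorizeAttribute`, `ItemsKey` and `AccountController` are hypothetical names.

```csharp
using System.Web;
using System.Web.Mvc;

// Hypothetical per-user state that the controller constructor used to build.
public sealed class UserContext
{
    public string UserName { get; set; }
}

public class InitializingAuthorizeAttribute : AuthorizeAttribute
{
    // Hypothetical key under which the state is stored for this request.
    public const string ItemsKey = "UserContext";

    protected override bool AuthorizeCore(HttpContextBase httpContext)
    {
        // Let the base class check authentication, Users and Roles first.
        if (!base.AuthorizeCore(httpContext))
        {
            // Expired or missing ticket: no initialization runs. The base
            // attribute then issues a 401, which forms authentication
            // turns into the redirect to the login page.
            return false;
        }

        // Keep per-request state on the request, not in a field of the
        // attribute: AuthorizeCore is also called from OnCacheAuthorization
        // and has to be thread-safe.
        httpContext.Items[ItemsKey] = new UserContext
        {
            UserName = httpContext.User.Identity.Name
        };
        return true;
    }
}

[InitializingAuthorize]
public class AccountController : Controller
{
    public ActionResult Index()
    {
        // Only reached when AuthorizeCore returned true, so the entry exists.
        var user = (UserContext)HttpContext.Items[InitializingAuthorizeAttribute.ItemsKey];
        return Content("Hello " + user.UserName, "text/plain");
    }
}
```

The constructor no longer touches the user at all, so an expired ticket cannot reach the initialization path.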