This is my authorize class which overrides the default AurthorizeCore, I’d like to redirect the user to an error page if he’s not authorized. How can I accomplish that?
public class UserAcess : AuthorizeAttribute
{
private UserRepository _userRepo = new UserRepository();
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
var isAuthorized = base.AuthorizeCore(httpContext);
if (isAuthorized)
{
var canUse = this._userRepo.CanUserUseApp(httpContext.User.Identity.Name);
// If you can't use this app, guess what? ERROR PAGE fun times.
if (!canUse)
{
isAuthorized = false;
//redirect the user a view that I've made here.
return isAuthorized;
}
}
var personRole = this._userRepo.getPersonRolebyAdName(httpContext.User.Identity.Name);
//TODO Refactor this so that it checks if it's filled.
httpContext.Session["PersonID"] = personRole.Person.PersonID;
httpContext.Session["PersonRoleID"] = personRole.PersonRoleID;
httpContext.Session["UserName"] = personRole.Person.UserName;
httpContext.Session["Role"] = personRole.Role.Description;
httpContext.Session["FirstName"] = personRole.Person.FirstName;
httpContext.Session["LastName"] = personRole.Person.LastName;
return isAuthorized;
}
}
You could do this by overriding the HandleUnauthorizedRequest method: