我有自定义授权属性:
using System; using System.Web.Mvc; using System.Web.Routing; [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method,Inherited = true,AllowMultiple = true)] public class MyAuthorizeAttribute : AuthorizeAttribute { protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext) { if (!filterContext.HttpContext.Request.IsAuthenticated) { filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary(new { controller = "Login",action = "Login" })); } else { base.HandleUnauthorizedRequest(filterContext); } } }
…我用来装饰某些控制器:
[MyAuthorizeAttribute(Roles = "Superman,Batman,Spiderman")] public class SuperHeroController : Controller { // .... }
任何人都可以解释如何修改授权代码,以便如果授权失败,登录URL包括ReturnUrl(当前控制器/方法的URL)?
这基本上是试图模仿Web表单ReturnUrl逻辑,但是以一种聪明的方式,我不必手动使用字符串作为URL.