an exception that is thrown by the session
Xiao Zhao just entered the company, was involved in a practical project, the project is using ASP.net MVC. It took about 2 weeks for Xiao Zhao to complete all the functions and submit it to QA test.
After a day, QA sent back the test results, Xiao Zhao over again, found that the original to do things, inside the problem so much.
One of the bugs is this:
Use Firefox login to enter the system, then open a tab, into the System page, click Logout. In the back to the Previous tab page, click the Save button, there is a JS error. The user should be transferred to the landing page at this time.
Xiao Zhao saw this bug, some stunned, did not expect QA to use such a "violent" way to test their own procedures. Clicking on the logout on the Other tab will cause the session to be emptied, so that clicking on the Save button on the first tab will result in an exception to the Ajax method invoked.
But how do you handle the exception that is thrown by this "abnormal" operation? two, using filter in MVC to validate the session
Small Zhao checked the data, found that MVC in the Authorizationfilter in the actual access to controller before, intercept the request, this time here can be the validity of the session check, if found session invalidation, the user to the landing page. (About MVC filter can point here)
[AttributeUsage (AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = true, inherited = True)] public
class Myauthorizeattribute: FilterAttribute, Iauthorizationfilter
{public
void onauthorization (AuthorizationContext filtercontext)
{
var loginuser = filtercontext.httpcontext.session[' User '];
When user has not login yet
if (loginuser = null)
{
var redirecturl = Constantprovider.loginurl + "? Redirectpath= "+ filterContext.HttpContext.Request.Url;
Filtercontext.result = new Redirectresult (redirecturl);
return;}}
third, in the case of AJAX requests, the processing of session failure
In an AJAX request, if you encounter a session expiration, using the above method is not able to achieve the effect. Implementation of the idea is that if the discovery is an AJAX request, return a specific format of the JSON data, the client for this data processing, found that there is a session failure, jump to the login page.
First, expand our myauthorizeattribute.
[AttributeUsage (AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = true, inherited = True)] public class Myauthorizeattribute:filterattribute, IAu thorizationfilter {public void onauthorization (AuthorizationContext filtercontext) {var loginuser
= filtercontext.httpcontext.session["User"]; When user has not login yet if (Loginuser = null) {var redirecturl = Constantprov Ider. Loginurl + "?
Redirectpath= "+ filterContext.HttpContext.Request.Url; if (!filtercontext.httpcontext.request.isajaxrequest ()) {Filtercontext.result = new Redi
Rectresult (RedirectURL);
else {filtercontext.result = new Jsonresult
{Data = new { Success = false, message = string.
Empty, Redirect = RedirectURL
}
};
} return;
}
}
It is judged that if the request is from Ajax, a JSON result is returned and the client processes the following code:
$.ajax ({
type: POST),
URL: "@Url. Contactinfoajax ()",
success:function (msg) {
if (msg). Success) {
...
}
if (Msg. Redirect) {
window.location = Msg. Redirect
}}
);