jquery - ASP.NET MVC Authorize Attribute to launch a modal?

Question

I am working on a site that makes use of jquery modal dialogs to do various things like logging in and such.

However; we have one slight issue with the use of these.. which is we are using the [Authorize] attribute on a lot of our action methods and so what is happening is if the user is not logged in and hits a route that they need to be authorized for it shows the login page like it is suppose to but obviously this is suppose to be a modal.

Anyhow long story short, is there a way to create a custom authorize attribute that can trigger the modal instead of the actual view that makes up the login modal?

Answer 1

In this case you can use a custom action filter attribute that opens a popup if the user is not authorized.
In this action filter just check if user is logged in and add a boolean value to the ViewData collection.
Aplly the attribute on the controller's action.
Then in the master page add conditional rendering of code that opens the popup.

The code for the attribute:

[AttributeUsage(AttributeTargets.Method | AttributeTargets.Class, Inherited = true, AllowMultiple = true)]
public class PopupAuthorizeAttribute : AuthorizeAttribute
{
    private void CacheValidateHandler(HttpContext context, object data, ref HttpValidationStatus validationStatus)
    {
        validationStatus = this.OnCacheAuthorization(new HttpContextWrapper(context));
    }

    public override void OnAuthorization(AuthorizationContext filterContext)
    {
        bool isAuthorized = false;
        if (filterContext == null)
        {
            throw new ArgumentNullException("filterContext");
        }
        if (this.AuthorizeCore(filterContext.HttpContext))
        {
            HttpCachePolicyBase cache = filterContext.HttpContext.Response.Cache;
            cache.SetProxyMaxAge(new TimeSpan(0L));
            cache.AddValidationCallback(new HttpCacheValidateHandler(this.CacheValidateHandler), null);
            isAuthorized = true;
        }

        filterContext.Controller.ViewData["OpenAuthorizationPopup"] = !isAuthorized;
    }
}

In the master page or other common view add conditional rendering:

<% if((bool)(ViewData["OpenAuthorizationPopup"] ?? true)) { %>
 ...Your code to open the popup here...
<% } %>