Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
616 views
in Technique[技术] by (71.8m points)

asp.net mvc - Handling session time out when ajax call to C# mvc controller not working

When calling a function from ajax. Program flow does not recognized the expired session i.e not redirect to the login page. Instead of that, it saves the record. I am working in c# .net mvc. So how can i handle session while ajax call. Here i gave my codes.

 $.ajax({ 
            type: "POST",
            url:'/Employee/SaveEmployee',
            data:
            {
                Location:$("#txtLocation").val(), 
                dateApplied:$("#txtDateApplied").val(), 
                Status:$("#ddStatus").val(), 
                mailCheck:$("#ddMailCheck").val(),
                ...
                ...
                ... 
            },
            success: function (result) 
            {

            },
            error: function (msg) 
            {
            }
      });

Here the controller

[Authorize]
public string SaveEmployee(string Location, string dateApplied, string Status, string mailCheck, ...)
{
      objEmpMain.FirstName = firstName;
      objEmpMain.LastName = lastName;
      objEmpMain.Initial = Initial;
      objEmpMain.Address1 = Address;
      ...
      ... 
      ...
} 
See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

The result of your AJAX call will still likely end up appearing successful (although, don't worry, it won't actually execute your action method), and invoke your success handler. This is because you are expecting HTML, and that is what you are receiving (albeit, the resulting HTML is likely your login page, and not the HTML you wanted). As an aside, if you expected JSON (using dataType:'JSON'), it would trigger an error, because it would be parsing HTML as JSON.

What you need to do is prevent FormsAuth from redirecting the login page for AJAX requests. Now, AuthorizeAttribute faithfully returns a NotAuthorizedResult, which sends an HTTP 401 Not Authorized response to the client, which is ideal for your AJAX client.

The problem is that FormsAuth module checks the StatusCode and if it is 401, it performs the redirect. I've combatted this issue in this way:

1) Create my own derivative type of AuthorizeAttribute that places a flag inHttpContext.Items to let me know authorization failed, and I should force a 401 rather than a redirect:

public class AjaxAuthorizeAttribute : AuthorizeAttribute
{
    /// <summary>
    /// Processes HTTP requests that fail authorization.
    /// </summary>
    /// <param name="filterContext">Encapsulates the information for using <see cref="T:System.Web.Mvc.AuthorizeAttribute"/>. The <paramref name="filterContext"/> object contains the controller, HTTP context, request context, action result, and route data.</param>
    protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
    {
        if (filterContext.HttpContext.Request.IsAjaxRequest()) filterContext.HttpContext.Items["AjaxPermissionDenied"] = true;

        base.HandleUnauthorizedRequest(filterContext);
    }
}

2) Add to your Global.asax.cs:

    protected void Application_EndRequest(Object sender, EventArgs e)
    {
        if (Context.Items["AjaxPermissionDenied"] is bool)
        {
            Context.Response.StatusCode = 401;
            Context.Response.End();
        }
     }

3) Add a statusCode handler to your jQuery AJAX setup:

$.ajaxSetup({
    statusCode: {
        401: function() {
            window.location.href = "path/to/login";
        }
    }
});

4) Change the controllers or actions where you want this behavior from using AuthorizeAttribute to AjaxAuthorizeAttribute:

[AjaxAuthorize]
public string SaveEmployee(string Location, string dateApplied, string Status, string mailCheck, ...)
{
      objEmpMain.FirstName = firstName;
      objEmpMain.LastName = lastName;
      objEmpMain.Initial = Initial;
      objEmpMain.Address1 = Address;
      ...
      ... 
      ...
} 

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...