Menu
we are trying some login operations in our ASP.NET MVC project. Our goal is : "If user's IP is not from our intranet, redirect him/her to login page. Else, just go to our index page. We wrote some code but we are inside a loop.
protected void Application_BeginRequest(object sender, EventArgs e)
{
var request = ((System.Web.HttpApplication) sender).Request;
string ip1 = request.UserHostAddress;
string shortLocalIP;
if (ip1 != null && ip1.Contains("."))
{
string[] ipValues = ip1.Split('.');
shortLocalIP = ipValues[0] +"."+ipValues[1];
}
else
{
shortLocalIP = "192.168";
}
//var ip2 = request.ServerVariables["LOCAL_ADDR"];
//var ip3 = request.ServerVariables["SERVER_ADDR"];
if (shortLocalIP != LOCALIP)
{
if ("/Login/User".Equals(request.RawUrl, StringComparison.InvariantCultureIgnoreCase))
{
return;
}
Response.Clear();
Response.Redirect("/Login/User");
Response.End();
}
}
public class LoginController : Controller
{
// GET: Login
public ActionResult User()
{
return View();
}
public ActionResult checkAuthentication(FormCollection collection)
{
bool isAuthenticated = new LdapServiceManager().isAuthenticated(collection);
if (isAuthenticated)
{
Response.Redirect("Home/Index");
}
else
{
Response.Redirect("/Login/User");
}
return null;
}
}
<form class="login-form" action="/Login/checkAuthentication" method="post" novalidate="novalidate">
Application_BeginRequest triggers everytime when we press some button or something else. But we want these operations at the beginning only. Thanks...
Should we use SESSION START in GLOBAL.ASAX??
750
Application_BeginRequest: Fired when an application request is received. It is the first event fired for a request, which is often a page request (URL) that a user enters. Application_EndRequest: The last event fired for an application request.
Application_BeginRequest is an event handler. It is part of the ASP.NET website system.
In this article, we learnt that Global. asax is a file used to declare application-level events and objects. The file is responsible for handling higher-level application events such as Application_Start, Application_End, Session_Start, Session_End, and so on.
You can use ActionFilter for this. Create a class for custom filter, something like this -
public class IntranetAction : ActionFilterAttribute
{
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
bool isIPAddressValid = false;//TODO: Check the IP validity here
if (isIPAddressValid)
{
filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary(new
{
controller = "Account", //TODO - Edit as per you controller
action = "Login" //and Action
}));
}
base.OnActionExecuting(filterContext);
}
}
And simply use it over your controller ActionMethod like this for example -
[IntranetAction]
public ActionResult Index()
{
return View();
}
Suugest to go through a good article to get started with custom filters - http://www.asp.net/mvc/overview/older-versions-1/controllers-and-routing/understanding-action-filters-cs
53
Application_BeginRequest will be called on every request made to your server. If you want to execute some logic only on certain action use ActionFilters
22
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
