public override void OnAuthorization(AuthorizationContext filterContext)
{
base.OnAuthorization(filterContext);
bool skipAuth = filterContext.ActionDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true)
|| filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true);
if (skipAuth) {
return;
} else {
if (!filterContext.HttpContext.User.Identity.IsAuthenticated) {
if (filterContext.HttpContext.Request.Path.ToLowerInvariant() != SiteFilename.LoginURL.ToLowerInvariant()) {
filterContext.Result = new RedirectResult(String.Format("{0}?returnUrl={1}", SiteFilename.LoginURL, HttpUtility.UrlEncode(filterContext.HttpContext.Request.Path)));
} else {
filterContext.Result = new RedirectResult(SiteFilename.LoginURL);
}
return;
}
}
if (filterContext.Result is HttpUnauthorizedResult) {
filterContext.Result = new RedirectResult(SiteFilename.NotAuthorizedURL);
}
}
