问题:
从ajax调用函数时.程序流程无法识别过期的会话,即不会重定向到登录页面.而不是那样,它保存了记录.我在c#.net mvc工作.那么如何在ajax调用时处理会话.我给了我的代码.
$.ajax({
type: "POST",url:'/Employee/SaveEmployee',data:
{
Location:$("#txtLocation").val(),dateApplied:$("#txtDateApplied").val(),Status:$("#ddStatus").val(),mailCheck:$("#ddMailCheck").val(),...
...
...
},success: function (result)
{
},error: function (msg)
{
}
});
控制器:
[Authorize]
public string SaveEmployee(string Location,string dateApplied,string Status,string mailCheck,...)
{
objEmpMain.FirstName = firstName;
objEmpMain.LastName = lastName;
objEmpMain.Initial = Initial;
objEmpMain.Address1 = Address;
...
...
...
}
您的AJAX调用的结果仍可能最终显示成功(但不要担心,它实际上不会执行您的操作方法),并调用您的成功处理程序.这是因为您期待HTML,这就是您所接收的内容(尽管如此,生成的HTML可能是您的登录页面,而不是您想要的HTML).顺便说一下,如果你期望JSON(使用dataType:’JSON’),它会触发错误,因为它会将HTML解析为JSON.
您需要做的是阻止FormsAuth重定向AJAX请求的登录页面.现在,AuthorizeAttribute忠实地返回一个NotAuthorizedResult,它向客户端发送HTTP 401 Not Authorized响应,这对您的AJAX客户端来说是理想的.
问题是FormsAuth模块检查StatusCode,如果它是401,它执行重定向.我用这种方式解决了这个问题:
创建我自己的衍生类型的AuthorizeAttribute,它在HttpContext.Items中放置一个标志,让我知道授权失败,我应该强制401而不是重定向:
public class AjaxAuthorizeAttribute : AuthorizeAttribute
{
/// <summary>
/// Processes HTTP requests that fail authorization.
/// </summary>
/// <param name="filterContext">Encapsulates the information for using <see cref="T:System.Web.Mvc.AuthorizeAttribute"/>. The <paramref name="filterContext"/> object contains the controller,HTTP context,request context,action result,and route data.</param>
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
if (filterContext.HttpContext.Request.IsAjaxRequest()) filterContext.HttpContext.Items["AjaxPermissionDenied"] = true;
base.HandleUnauthorizedRequest(filterContext);
}
}
添加到您的Global.asax.cs:
protected void Application_EndRequest(Object sender,EventArgs e)
{
if (Context.Items["AjaxPermissionDenied"] is bool)
{
Context.Response.StatusCode = 401;
Context.Response.End();
}
}
为jQuery AJAX设置添加一个statusCode处理程序:
$.ajaxSetup({
statusCode: {
401: function() {
window.location.href = "path/to/login";
}
}
});
将您希望此行为的控制器或操作从使用AuthorizeAttribute更改为AjaxAuthorizeAttribute:
[AjaxAuthorize]
public string SaveEmployee(string Location,...)
{
objEmpMain.FirstName = firstName;
objEmpMain.LastName = lastName;
objEmpMain.Initial = Initial;
objEmpMain.Address1 = Address;
...
...
...
}