How to redirect unauthorize Ajax reqest on Controller to login page? .

Question

[Authorize]
public class MyController : BaseController
{
    [PermissionAuthorize]
    public ActionResult GridData()
    {
        return Json(data, JsonRequestBehavior.AllowGet);
    }
}

I have Created PermissionAuthoize attribute for check permission of user on particular action. I have a problem After the User session or ticket is expire at that time if user send ajax requrest to Controller then Authorize attribute reject the request and return as html login form to user.this region user think app is not performing. its show the bad impact to user.

so , i want to redirect to user to login page if they send ajax request on ticket expire.

Can i create one other authorize attribute for controller is it gud way?

Answer 1

The first thing you need to do is to configure the forms authentication module to stop redirecting to the logon page when 401 is thrown. Phil Haack wrote a nice article about how this could be achieved.

Once you do that you will be able to capture 401 HTTP status codes on the client. So you could write a global ajax handler that will redirect to the logon page when 401 status code is sent from the server (which will happen when the forms authentication ticket expires or the user is not authenticated at all):

$(document).ajaxError(function(event, jqxhr, settings, exception) {
    if (jqxhr.status == 401) {
        // unauthorized
        window.location.href = '/logon';
    }
});

Answer 2

Following code might help you:

$.ajax({
    url: 'url',    
    statusCode: {
        404: function() {
            //page not found
        },
        200: function() {
            //ok, do your stuff
        },
        302: function() {
            //redirect - check if url contains login and do redirect            
        }
    }
})

Basically you can only check for redirects and do regular stuff in success/error callbacks, but when you get redirect http header you change window.location.href to desired login page