best place in MVC for user expiration
I have an ASP.NET MVC web app which has a really basic subscription system on it.
My question relates to where the best place is to implement the subscription end date. At the moment, the following code resides in the Site.master:
if (Profile.expires < DateTime.Today)
{
FormsAuthentication.SignOut();
FormsAuthentication.RedirectToLoginPage();
}
So whenever anyone hits any page, this codes checks as to whether their username has expired.
I am obviously going to move this code out of the Site.master page and into Model.Helpers (or something like that), however i was wondering if the code should still be called from somewhere else (keeping in context with the MVC pattern). obviously i will move the code out of the site.master and into, for example, Model.Helpers.Validate()
from there, the possibilities, as i see it, are:
- call the method from site.master
- implement the method in the global.asax file, for instance with a route constraint.
- implement the method somehow via attributes on all开发者_StackOverflow中文版 the actions (not sure if this is possible or how to do it)
can anyone suggest which way may be the best? if there is another alternative that most closely follows the MVC design pattern, please let me know. I'd really like to do this the 'right' way :)
I usually put this into a base controller by overriding the onAuthorization method.
You can also use Application.AuthenticateRequest inside the Global.asax file. Also, move all the authorization code into a service (AuthorizationService).
var authorizationService = new AuthorizationService();
if(authorizationService.IsSubscribtionExpiredForUser(user))
{
// redirect to login page
}
精彩评论