Facebook ASP.NET MVC App with multiple controllers

I am using the Facebook C# SDK to develop an iframe Faceb开发者_StackOverflow社区ook application.

I looked at the example and find this piece of code to do authorization in a controller:

namespace Auth_And_Allow.Controllers
{
    [HandleError]
    public class HomeController : Controller
    {
        [CanvasAuthorize(Perms = "user_about_me")]
        public ActionResult Index()
        {
            FacebookApp fbApp = new FacebookApp();
            if (fbApp.Session != null)
            {
                dynamic result = fbApp.Get("me");

                ViewData["Firstname"] = result.first_name;
                ViewData["Lastname"] = result.last_name;
            }

            return View();
        }
    }
}

But what should i do if my app is using a lot more then one controller?

Should i use the same authorization code in all controllers or is there another way? (I know it will work that way but right now i am searching for best practices to build facebook apps)

The CanvasAuthorize attribute will ensure that your user is logged in and has the appropriate permissions. You dont need to check this again by checking if the Session is null. Additionally, the CanvasAuthorize attribute (like the regular Authorize attribute) can be applied to you controllers as well as your actions. I would just do something like this:

[CanvasAuthorize(Perms = "user_about_me")]
public class FirstController : Controller {


}

[CanvasAuthorize(Perms = "user_about_me")]
public class SecondController : Controller {

}

Make sure you use the Controller extensions named CanvasRedirect accessed by this.CanvasRedirect inside a controller with the Facebook.Web.Mvc namespace referenced. These redirect helpers will ensure that you redirect correctly and dont "lose" the user's session.