问题
We are using our first website that will give the users the choice of either using our standard .net membership provider or facebook using the facebook c# sdk (awesome sdk by the way!).
We have handled most of it but need to restrict access to certain areas based on the user being logged in or not. In the past with pure .net membership we used the [Authorize] attribute on the method, however if the user is logged in using facebook then this is false.
I know I can try to roll our own dataannotation extension. Or I could just manually try one or the other. I know there is also the FacebookAuthorization annotation. I would ideally like to use these annotations (as both would go to the same login page if the user is not logged in).
Does anyone have a good example of a site using mixed membership using some dataannotation? Or a dataannotation extension?
Thanks in advance
回答1:
Call the standard FomsAuthentication.SetAuthCookie method upon completing the Facebook OAuth flow. The Authorize attribute should then work properly.
回答2:
We have used a global filter attribute. We've created that one our self. If somebody has a better idea, I'm open for suggestions!
来源:https://stackoverflow.com/questions/7139792/how-to-use-authorize-and-facebookauthorize-in-mvc3-web-app-using-mixed-membe