Uploadify (sessione e autenticazione) con ASP.NET MVC

Quando utilizzo il filtro Autorizza su un’azione o un controller utilizzato da uplodify ( http://www.uploadify.com/ ) l’azione non viene raggiunta …

inoltre la sessione non viene recuperata.

Ho trovato questo per recuperare la sessione utente:

http://geekswithblogs.net/apopovsky/archive/2009/05/06/working-around-flash-cookie-bug-in-asp.net-mvc.aspx

Ma come usarlo con il filtro [Authorize] e la sessione recuperata?

    Per correggere ciò, propongo una soluzione … Inviare il valore del cookie auth e il valore del cookie dell’ID di sessione con uploadify e ricrearlo prima che la sessione venga recuperata.

    ecco il codice da impiantare nella vista:

      

    E poi in Global.asax:

     protected void Application_BeginRequest(object sender, EventArgs e) { /* we guess at this point session is not already retrieved by application so we recreate cookie with the session id... */ try { string session_param_name = "ASPSESSID"; string session_cookie_name = "ASP.NET_SessionId"; if (HttpContext.Current.Request.Form[session_param_name] != null) { UpdateCookie(session_cookie_name, HttpContext.Current.Request.Form[session_param_name]); } else if (HttpContext.Current.Request.QueryString[session_param_name] != null) { UpdateCookie(session_cookie_name, HttpContext.Current.Request.QueryString[session_param_name]); } } catch { } try { string auth_param_name = "AUTHID"; string auth_cookie_name = FormsAuthentication.FormsCookieName; if (HttpContext.Current.Request.Form[auth_param_name] != null) { UpdateCookie(auth_cookie_name, HttpContext.Current.Request.Form[auth_param_name]); } else if (HttpContext.Current.Request.QueryString[auth_param_name] != null) { UpdateCookie(auth_cookie_name, HttpContext.Current.Request.QueryString[auth_param_name]); } } catch { } } private void UpdateCookie(string cookie_name, string cookie_value) { HttpCookie cookie = HttpContext.Current.Request.Cookies.Get(cookie_name); if (null == cookie) { cookie = new HttpCookie(cookie_name); } cookie.Value = cookie_value; HttpContext.Current.Request.Cookies.Set(cookie); } 

    E voilà, con quel metodo è totalmente trasparente.

    spero che aiuti alcuni !! 😉

    MODIFICATO : utilizzare formData anziché scriptData

    Questa soluzione funziona alla grande. Ho tradotto il codice in vb se qualcuno lo desidera:

      Protected Sub Application_BeginRequest(ByVal sender As Object, ByVal e As System.EventArgs) 'we guess at this point session is not already retrieved by application so we recreate cookie with the session id... Try Dim session_param_name = "ASPSESSID" Dim session_cookie_name = "ASP.NET_SessionId" If Not HttpContext.Current.Request.Form(session_param_name) Is Nothing Then UpdateCookie(session_cookie_name, HttpContext.Current.Request.Form(session_param_name)) ElseIf Not HttpContext.Current.Request.QueryString(session_param_name) Is Nothing Then UpdateCookie(session_cookie_name, HttpContext.Current.Request.QueryString(session_param_name)) End If Catch ex As Exception End Try Try Dim auth_param_name = "AUTHID" Dim auth_cookie_name = FormsAuthentication.FormsCookieName If Not HttpContext.Current.Request.Form(auth_param_name) Is Nothing Then UpdateCookie(auth_cookie_name, HttpContext.Current.Request.Form(auth_param_name)) ElseIf Not HttpContext.Current.Request.QueryString(auth_param_name) Is Nothing Then UpdateCookie(auth_cookie_name, HttpContext.Current.Request.QueryString(auth_param_name)) End If catch ex As Exception End Try End Sub Private Sub UpdateCookie(ByVal cookie_name As String, ByVal cookie_value As String) Dim cookie = HttpContext.Current.Request.Cookies.Get(cookie_name) If cookie Is Nothing Then cookie = New HttpCookie(cookie_name) End If cookie.Value = cookie_value HttpContext.Current.Request.Cookies.Set(cookie) End Sub 

    Ecco la parte per l’assegnazione della variabile javascript:

     var auth = "<%=IIf(Request.Cookies(FormsAuthentication.FormsCookieName) Is Nothing, "", Request.Cookies(FormsAuthentication.FormsCookieName).Value)%>"; var ASPSESSID = "<%=Session.SessionID%>"; 

    Forse qualcuno che lavora in VB può trarne beneficio.

    Per codice convertito VB * avviare il blocco di codice con <% # anziché <% =

    vale a dire

     var auth='<%# IIf(Request.Cookies(FormsAuthentication.FormsCookieName) Is Nothing, "", Request.Cookies(FormsAuthentication.FormsCookieName).Value)%>'; var ASPSESSID = '<%# Session.SessionID%>';