I have a problem with the fact that when a user disconnects on my site, they are registered anyway. That way they can still execute the ajax request. If they execute an ajax request on my site, my asp.net mvc authorization tag will stop this.
Usually, authorization redirects the user to the login page if they are not authorized.
Now, since this is an ajax request, it looks like it is sending the whole page back, presented as html. Therefore, the user never receives the redirect, since I just received the whole page sent to me as html.
However, firebug says this in the console:
http://localhost:3668/Account/signIn?ReturnUrl="return "(this is not in the actual url string in the web browser, so I canβt go up there and get it. It seems to me that I can only see it through firebug.)
So I'm not sure, but maybe if I could somehow grab this url from my errorCallback scope, that would be great.
Since from my testing the error code is not returned (200 OK is sent). Instead, I just get a parsing error (hence why errorCallback is called), but I cannot assume that every time I get a parsing error, it means the user has logged off.
I need something better. The only other option is to look too much at the answer and see how the key works, and see if this is the main page, which, in my opinion, is not so important to do this.