With the help of friend-friends, I was able to find a solution to my problem from this topic: A reusable way to allow one person to use an account at a time
I have a SingleLogin class that inherits from AuthorizeAttribute and implements its own AuthorizeCore method to reuse my code with one login:
protected override bool AuthorizeCore(HttpContextBase httpContext) { bool isAuthorized = base.AuthorizeCore(httpContext); if (isAuthorized) { int userId = (int)WebSecurity.CurrentUserId; using (var db = new UsersContext()) { if ((httpContext.Session.SessionID != db.getSessionId(userId)) || db.getSessionId(userId) == null) { WebSecurity.Logout(); isAuthorized = false; httpContext.Response.Redirect("/Home/Index"); } } } return isAuthorized; }
Everything works fine except for my JsonResult action:
[HttpPost] public JsonResult MessageSave(string message) { bool messageSaved = false; int userId = (int)WebSecurity.CurrentUserId; message = HttpUtility.HtmlEncode(message);
This method is initiated by an AJAX POST call, which you can see in the code example below. Just a basic POST.
EDIT 3 Please check these images: http://imgur.com/a/Cjael .. Hmm, I think POST launches, but has no idea why my warning does not work when I try to check it before $ .ajax. .. As you can see in response, I have a Home / Index page, but I am not redirected to the home / index immediately (the text remains inside the text field and the page just waits ..), I need to click again to redirect .. Very strange.
EDIT2 It seems like I can't even access my jQuery even after I log out. I put some warnings inside my .js file.
I have a separate .js file which is then placed into my View as <script src="~/Scripts/custom/homeChat.js"></script> . I am passing Razor values from View to my JS file via HTML5 data.
My textBox #txtMsg element fires a jQuery event, so when I log out, it probably no longer recognizes my textBox element and does not trigger a jQuery event?
The element that runs .js in the view: @Html.TextBox("txtMsg")
JS:
$("#txtMsg").keypress(function (e) { //when enter if (e.which == 13) { alert("ALERT DOESNT TRIGGER"); $.ajax({ type: "POST", url: url, data: JSON.stringify({ message: input }), contentType: "application/json; charset=utf-8", dataType: "json", success: function (data) { if (data.messageSaved) { $("#txtMsg").val(""); } else { window.location.href = urlhome; } } }); } } });
So, if you can’t even come to your event, how can you know that something went wrong? I have this ˙HandleUnauthorizedRequest , but you need to be able to get into your jQuery event (in my case .keypress in the js code above) for this to work if I understood correctly.
EDIT: additional explanation
So let me explain the scenario. If I log in with my username "john" from Firefox and again with the username "john" from chrome, the next step I do in Firefox is to log out and redirect me to Home / Index, because someone then another made a new login to Chrome.
This is normal. Since you are no longer logged in, you are usually redirected to your Home / Index if your action is a normal ActionResult and returns a view.
The problem is that I have some other functions on the page that uses AJAX POST, and since you are logged out, you cannot POST for this JsonResult action, so you cannot even get the error callback that redirects you to the main / index. I put a few warnings in my JS, but no warning triggers, which are normal, because I am no longer allowed on this page. If I want my onEnter text box to redirect me to the Home / Index, I need to press the key twice. Is that all you could do?
I am interested in a better approach for this AJAX problem. I do not know what I should call it, but, as I read from the previous topic, is it called "AJAX timeout processing"?
Thank you very much.