Sunday, 23 April 2017

Action Filtering in ASP.NET MVC Applications

MVC Action Filter Types


ASP.NET MVC provides the following types of action filters:
  • Authorization filter, which makes security decisions about whether to execute an action method, such as performing authentication or validating properties of the request. The AuthorizeAttribute class is one example of an authorization filter.
  • Action filter, which wraps the action method execution. This filter can perform additional processing, such as providing extra data to the action method, inspecting the return value, or canceling execution of the action method.
  • Result filter, which wraps execution of the ActionResult object. This filter can perform additional processing of the result, such as modifying the HTTP response. The OutputCacheAttribute class is one example of a result filter.
  • Exception filter, which executes if there is an unhandled exception thrown somewhere in action method, starting with the authorization filters and ending with the execution of the result. Exception filters can be used for tasks such as logging or displaying an error page. The HandleErrorAttribute class is one example of an exception filter.

How To Apply an Action Filter


Typically, an action filter is an attribute that implements the abstract FilterAttribute class. Some action filters, such as AuthorizeAttribute and HandleErrorAttribute, implement the FilterAttribute class directly. These action filters are always called before the action method runs.
Other action filters, such as OutputCacheAttribute, implement the abstract ActionFilterAttribute class, which enables the action filter to run either before or after the action method runs.
You can use the action filter attribute to mark any action method or controller. If the attribute marks a controller, the action filter applies to all action methods in that controller.
The following example shows the default implementation of the HomeController class. In the example, the HandleError attribute is used to mark the controller. Therefore, the filter applies to both action methods in the controller.

Sample Example Action Filter for MIME type content:
Class:
using System.Net;
using System.Net.Http;
using System.Web;
using System.Web.Http;
using System.Web.Http.Controllers;
using System.Web.Http.Filters;

namespace Project.CustomFilter
{
    public class ValidateMimeFilter : ActionFilterAttribute
    {
        public override void OnActionExecuting(HttpActionContext actionContext)
        {
            if (!actionContext.Request.Content.IsMimeMultipartContent())
            {
                throw new HttpResponseException(HttpStatusCode.UnsupportedMediaType);
            }
        }

    }
}

In Your controller
using Project.CustomFilter;
        [ValidateMimeFilter]
       //its validate the request contains Mime Multipart Content
        [HttpPost]
        [Route("api/ActionName")]
        public async Task<IHttpActionResult> ActionName()
            {
            }


No comments:

Post a Comment