ASP .NET MVC: Redirect to a view if certain condition is not met

Question

I finally got to try .NET MVC this weekend and, as was expected, ran into some hurdles.

I am trying to password-protect my site while it's under development. The basic idea is very very simple: in my BaseController class (that inherits from the Controller and is inherited by all other controller classes) I check whether a certain Session variable is set. If it is not set, I need to redirect them to a specific view, where users can enter a password. The key is that this check should happen on every request, regardless of what part of the site they're accessing. This is what I tried but has failed: Override OnActionExecuting in the BaseController class and check for the following:

if ((Session["siteAuth"] == null || (bool)Session["siteAuth"] != true) && 
        filterContext.ActionDescriptor.ActionName != "EnterPassword") {
   RedirectToAction("EnterPassword");
}
else {
   base.OnActionExecuting(filterContext);
}

OnActionExecuting executes on every request, however, RedirectToAction does not happen. Basically it just renders the view that it would otherwise render.

The closest solution that I found was here, but mine needs to happen on every request.

Any hints as to what I'm doing wrong?

Answer 1

Why don't you just decorate your action or controller with [Authorize]?

Answer 2

You should set filterContext.Result:

    protected override void OnActionExecuting(ActionExecutingContext filterContext)
    {
        filterContext.Result = RedirectToAction("EnterPassword");
    }

but as Daniel Liuzzi said, there are other better ways to do it.