MVC OnActionExecuting to Redirect

I recently had the following requirements in an MVC application:

Given a new user that still has the default password

When they first login

Then the user must change their password and optionally provide contact information

I found that I can override the OnActionExecuting method in a BaseController class.

public class BaseController : Controller {

\[Inject\]
public ISessionManager SessionManager { get; set; }
protected override void OnActionExecuting(ActionExecutingContext filterContext)
{
    // call the base method first
    base.OnActionExecuting(filterContext);

    // if the user hasn't changed their password yet, force them to the welcome page
    if (!filterContext.RouteData.Values.ContainsValue("WelcomeNewUser"))
    {
        var currentUser = this.SessionManager.GetCurrentUser();
        if (currentUser.FusionUser.IsPasswordChangeRequired)
        {
            filterContext.Result = new RedirectResult("/welcome");
        }
    }
}

}

Better yet, you can use an ActionFilterAttribute (and here) and apply the attribute to the Base or individual controllers.

///

/// Redirect the user to the WelcomePage if the FusionUser.IsPasswordChangeRequired is true; /// public class WelcomePageRedirectActionFilterAttribute : ActionFilterAttribute { [Inject] public ISessionManager SessionManager { get; set; }

public override void OnActionExecuting(ActionExecutingContext actionContext)
{
    base.OnActionExecuting(actionContext);

    // if the user hasn't changed their password yet, force them to the welcome page
    if (actionContext.RouteData.Values.ContainsValue("WelcomeNewUser"))
    {
        return;
    }

    var currentUser = this.SessionManager.GetCurrentUser();
    if (currentUser.FusionUser.IsPasswordChangeRequired)
    {
        actionContext.Result = new RedirectResult("/welcome");
    }
}

}

[WelcomePageRedirectActionFilterAttribute] public class BaseController : Controller { ... }

The requirement is now met.