/// <summary> /// Called by the ASP.NET MVC framework before the action method executes. /// </summary> /// <param name="filterContext">The filter context.</param> public override void OnActionExecuting(ActionExecutingContext filterContext) { base.OnActionExecuting(filterContext); var isOptions = HandleOptionsRequests(filterContext); if (!isOptions) { var isTokenRequired = filterContext.IsCurrentExecutingMethodTokenRequired(); if (isTokenRequired) { if (filterContext.HttpContext.Session[_sessionKey] == null) { if (filterContext.HttpContext.Request.IsAjaxRequest()) { filterContext.Result = new HttpUnauthorizedResult(); } else { filterContext.Result = new RedirectResult(string.Format("{0}?{1}={2}", _loginUrl, _returnUrlKey, filterContext.HttpContext.Request.RawUrl.ToUrlPathEncodedText())); } } } } }