public void OnAuthorization(AuthorizationContext filterContext) { if (filterContext.AllowAnonymous()) { return; } var context = filterContext.RequestContext.HttpContext; var assistedCookieData = context.Request.GetCookieData <CookieUserData>(CookieHelper.AssistedUserCookieName); var cookieData = assistedCookieData ?? context.Request.GetUserData <CookieUserData>(); var isAuthorized = cookieData != null && cookieData.ToUser().HasProfileType(_authorizedProfileTypes); if (!isAuthorized) { filterContext.Result = new RedirectResult("~/error/unauthorized"); } }