protected virtual bool AuthorizeCore(HttpContextBase httpContext) { if (httpContext == null) { throw new ArgumentNullException("httpContext"); } string controller = Protect.ToString(httpContext.Request.RequestContext.RouteData.Values["controller"]).Trim(); string action = Protect.ToString(httpContext.Request.RequestContext.RouteData.Values["action"]).Trim(); // check LoginSessionKey var loginSessionKey = AccountUtils.CurrentSessionKey(); var res = AccountDA.CheckSession(AccountUtils.CurrentSessionKey()); // invalid session if (res != null && res.ResponseCode == 0) { Sessions.AddMessage("SessionExpired", "Hết hạn lượt truy cập."); return(false); } return(true); }