public void OnAuthorization(AuthorizationContext ac)
{
bool isAuthOK = false;
StaffService staffService = new StaffService();
if (ac.HttpContext.Session["sessionId"] != null)
{
string sessionId = ac.HttpContext.Session["sessionId"].ToString();
StaffEF staff = staffService.FindStaffBySessionId(sessionId);
if (staff != null)
{
isAuthOK = true;
}
}
if (!isAuthOK)
{
ac.Result = new RedirectToRouteResult(
new RouteValueDictionary {
{ "controller", "Login" },
{ "action", "Index" }
});
}
}
