Overwriting/redirect a Request in Coldfusion using modelglue

Question

Actually its related to authentication. my scenario is as following: I have a homepage, where user can see some news n other stuff, also there are text fields for user to enter the login info and get logged in. Now if user is not logged in i want to restrict him to see the details of news. and whenever user click on any of the link, it should get a alert (u need to login).

modelglue.xml:

<event-handler name="modelglue.OnRequestStart">
    <broadcasts>
        <message name="checkAuthentication" />
    </broadcasts>
    <results>
        <result name="invalid" do="homePage" />
    </results>
    <views />
</event-handler>

*checkAuthentication() checks whether user is logged in or not. in case of invalid (not logged in) it redirects to "homePage" event.

Now the issue is, when user click on any of the link, authentication is checked. If authentic (logged in) then that corresponding event is called and action is performed. but in case of invalid (not logged in), It goes to "homePage" event, performs action but also performs the other request (e.g. if event is showNews) News is also shown, which i dont want to.

Can anyone tell how can I stop the execution before that showNews event. i.e. just homePage event is finished.

thnx in advance

Answer 1

In your message-listener for 'checkAuthentication' you will want to add some sort of WhiteList of events that do not need an authentication check. Something like the following should do it (check to see if the event name is really called 'EventName' in the event object)

<cfset var eventName = arguments.event.getValue("EventName") />
<cfset var whitelistedEvents = "homePage,otherPage,etc" />
<cfif UserIsUnAuthenticated AND NOT ListContainsNoCase(whitelistedEvents,eventName)>
-- do your redirect in here as this is an unauthenticated user trying to access a non-whitelisted event
</cfif>

hope this helps.