Restrict access to a page with ASP.NET


I'm developing a site with ASP.NET MVC 2.0. There is a sequence of pages which should behave like a simple wizard without return. The data should be shared between pages. I want to allow redirecting to the next page of the wizard only from the current one. A view model of the current page should be passed to the next page, where it will be used for implementing some logic. No user should have access to one of the middle pages by typing the URL directly in a browser.

I've tried to use TempData with a specified key for saving the model view of the current page, passing it to the next one and checking whether it is NULL or not to render the page. If the value of the model view in TempData is NULL, it means that the user was redirected to this page not from the previous one. But there is the case when a user can be redirected to the next page of the wizard and leave it for somewhere else on the site (for instance, the FAQ page). After this the user can type a direct link to the wizard page that has been left, and this page will be shown, but logically the user should be redirected to the error page.

Question: How can I allow redirecting to a certain page of a wizard only from the previous one and from nowhere else?

There are 3 best solutions below

0
On

I think I'd store a page value in a session variable. On each page's controller check the session variable to see that the previous steps have been visited. If not, return RedirectToAction to the previous step.

At the end of each step, after successful validation, set the session variable to show that it has been completed, then redirect to the next step.

You could also share the data between pages using sessions too, although I'm aware some developers cringe at this... but I'm not so sure why... I love sessions.
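
The session check described in the answer above, sketched as an added example (not code from any of the answers): a one-time ticket kept in server-side session state, which, unlike the Referer header or the HTTP method, the browser cannot set. `RequiresWizardTicketAttribute`, `WizardController`, `Step1Model`, the session keys and the shared `Error` view are assumptions for illustration, and session state is assumed to be enabled.

```csharp
using System.Web.Mvc;

// Hypothetical filter (not an MVC built-in): admits a request only if the
// session holds the matching one-time ticket, and consumes it on use.
public class RequiresWizardTicketAttribute : ActionFilterAttribute
{
    public const string Key = "WizardTicket"; // assumed session key
    private readonly string _ticket;
    public RequiresWizardTicketAttribute(string ticket) { _ticket = ticket; }

    public override void OnActionExecuting(ActionExecutingContext filterContext)
    {
        var session = filterContext.HttpContext.Session;
        var held = session[Key] as string;
        session.Remove(Key); // single use: a typed URL or a refresh finds no ticket
        if (held != _ticket)
            filterContext.Result = new ViewResult { ViewName = "Error" };
    }
}

public class Step1Model { public string Name { get; set; } } // hypothetical view model

public class WizardController : Controller
{
    public ActionResult Step1() // entry page: issues the ticket for its own POST
    {
        Session[RequiresWizardTicketAttribute.Key] = "post:Step1";
        return View();
    }

    [HttpPost, RequiresWizardTicket("post:Step1")]
    public ActionResult Step1(Step1Model model)
    {
        if (!ModelState.IsValid)
        {
            Session[RequiresWizardTicketAttribute.Key] = "post:Step1"; // re-issue for retry
            return View(model);
        }
        Session["WizardData"] = model; // data stays server-side
        Session[RequiresWizardTicketAttribute.Key] = "get:Step2";
        return RedirectToAction("Step2");
    }

    [RequiresWizardTicket("get:Step2")]
    public ActionResult Step2() // reachable only via the redirect above
    {
        Session[RequiresWizardTicketAttribute.Key] = "post:Step2"; // for the Step2 POST (not shown)
        return View(Session["WizardData"]);
    }
}
```

Because the ticket is removed when Step2 renders, leaving for another page and then typing the Step2 URL lands on the error view, which is the case the question's TempData attempt did not cover.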

0
On

You can restrict your action method to HttpPost:

[HttpPost]
public ActionResult SecondPageAction(SomeType dataFromFirstPage)
{
    // ...
}

0
On

I don't fully understand. I think you want to restrict the referring url? If so, then you could do:

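// Action code

// UrlReferrer is a Uri and is null when the request carries no Referer header,
// so check for null and compare its string form.
if (Request.UrlReferrer == null || Request.UrlReferrer.AbsoluteUri != "Valid url")
{
  return View("Error");
}
else
{
  // render the next page of your wizard
}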

All you need is some logic to determine what a valid url referrer is for each stage.

Consider using Session to store your data.