Adding support for prefixed tenant authentication redirects

src/Orchard.Web/Modules/Orchard.Users/Orchard.Users.csproj

@@ -86,6 +86,7 @@
     <Compile Include="Models\UserPartRecord.cs" />
     <Compile Include="Models\UserStatus.cs" />
     <Compile Include="Properties\AssemblyInfo.cs" />
+    <Compile Include="Services\AuthenticationRedirectionFilter.cs" />
     <Compile Include="Services\IUserService.cs" />
     <Compile Include="Services\UserResolverSelector.cs" />
     <Compile Include="Services\MembershipService.cs" />

src/Orchard.Web/Modules/Orchard.Users/Services/AuthenticationRedirectionFilter.cs

@@ -0,0 +1,30 @@
+using System.Web.Mvc;
+using System.Web.Mvc.Filters;
+using System.Web.Routing;
+using Orchard.Mvc.Filters;
+
+namespace Orchard.Users.Services {
+
+    /// <summary>
+    /// This class is responsible for redirecting the user to the authentication page 
+    /// of the current tenant.
+    /// </summary>
+    public class AuthenticationRedirectionFilter : FilterProvider, IAuthenticationFilter {
+
+        public void OnAuthentication(AuthenticationContext filterContext) {
+        }
+
+        public void OnAuthenticationChallenge(AuthenticationChallengeContext filterContext) {
+            if (filterContext.Result is HttpUnauthorizedResult) {
+                filterContext.Result = new RedirectToRouteResult(
+                    new RouteValueDictionary
+                {
+                    { "controller", "Account" },
+                    { "action", "AccessDenied" },
+                    { "area", "Orchard.Users"},
+                    { "ReturnUrl", filterContext.HttpContext.Request.RawUrl }
+                });
+            }
+        }
+    }
+}

src/Orchard/UI/Admin/AdminFilter.cs

@@ -22,6 +22,7 @@ namespace Orchard.UI.Admin {
             if (IsAdmin(filterContext)) {
                 if (!_authorizer.Authorize(StandardPermissions.AccessAdminPanel, T("Can't access the admin"))) {
                     filterContext.Result = new HttpUnauthorizedResult();
+                    filterContext.HttpContext.Response.SuppressFormsAuthenticationRedirect = true;
                 }
 
                 Apply(filterContext.RequestContext);