Our client is legally required to verify the age of individuals accessing their site. I recently came across a post by Marek about using a rules engine to handle this on a page-by-page basis, rather than through the HttpRequest pipeline. The solution provided by Marek's Post seems ideal for a multi-site setup.
The access verification process is straightforward: a verified cookie is checked, and if it exists, the user is granted access to the site. If the cookie does not exist, the user is redirected to the Age Gate, where their age is verified based on their date of birth input.
Source code is very similar to Marek's code with few differences for MVC approach, which are detailed below.
Pipeline patched after "...RequestBegin.StartTracking" in "zzz.Foundation.PageRules.config":
RunPageRules extends RequestBeginProcessor:
"Where in Live Mode" Condition, ensures we are not in experience editor/preview etc:
"and except where the device is bot" is Sitecore built in rule under "Device", so device detection should be enabled for this rule to work.
"and where Age Gate is enabled", simply checks value of checkbox on item
"and except where the agegate_cookie cookie exists" checks if cookie with given name already exists. Ideally there should be also added an expiration check, if no session cookie used:
"redirect user to age gate Age Gate" action let's us pick Sitecore item where we should redirect to. "dest" query string is used to redirect to requested page after verification: