O'Reilly logo

ASP.NET Core: Cloud-ready, Enterprise Web Application Development by James Singleton, Valerio De Sanctis, Mugilan T. S. Ragupathi

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Securing an action method in a Controller

For the sake of explanation, let us assume that the About page is a secure page and only authenticated users should be able to access it.

We just have to decorate the About action method in the Home controller with an[Authorize] attribute:

[Authorize] 
        public IActionResult About() 
        { 
            ViewData["Message"] = "This is my about page"; 
            return View(); 
        } 

Making the preceding change will redirect the user to the log-in page when the user tries to access the log-in page without logging in to the application:

Securing an action method in a Controller

In the following screenshot, you will notice an additional query parameter, ReturnURL, in the URL. This ReturnURL ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required