Securing an action method in a Controller

For the sake of explanation, let us assume that the About page is a secure page and only authenticated users should be able to access it.

We just have to decorate the About action method in the Home controller with an[Authorize] attribute:

[Authorize] 
        public IActionResult About() 
        { 
            ViewData["Message"] = "This is my about page"; 
            return View(); 
        }

Making the preceding change will redirect the user to the log-in page when the user tries to access the log-in page without logging in to the application:

Securing an action method in a Controller

In the following screenshot, you will notice an additional query parameter, ReturnURL, in the URL. This ReturnURL ...

Get Learning ASP.NET Core MVC Programming now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Learning ASP.NET Core MVC Programming by Mugilan T. S. Ragupathi

Securing an action method in a Controller

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly