How to make a route available only after login in asp.net core 2.1?
I am not sure how to ask this but here it goes. I am trying to make a route or URL from a controller will be only available to access after login of the user. I don't know to find these code in asp.net core 2.1. I know how to do it for its view part.
@if (SignInManager.IsSignedIn(User)){ //authorized section }
But I am not sure about the controller/route parts. So, I need your help to make learn this properly.
Thank you.
authentication controller routes asp.net-identity asp.net-core-2.1
asked Nov 21 '18 at 6:48
Mohsin KhanMohsin Khan
398
add a comment |
I am not sure how to ask this but here it goes. I am trying to make a route or URL from a controller will be only available to access after login of the user. I don't know to find these code in asp.net core 2.1. I know how to do it for its view part.
@if (SignInManager.IsSignedIn(User)){ //authorized section }
But I am not sure about the controller/route parts. So, I need your help to make learn this properly.
Thank you.
authentication controller routes asp.net-identity asp.net-core-2.1
asked Nov 21 '18 at 6:48
Mohsin KhanMohsin Khan
398
add a comment |
I am not sure how to ask this but here it goes. I am trying to make a route or URL from a controller will be only available to access after login of the user. I don't know to find these code in asp.net core 2.1. I know how to do it for its view part.
@if (SignInManager.IsSignedIn(User)){ //authorized section }
But I am not sure about the controller/route parts. So, I need your help to make learn this properly.
Thank you.
authentication controller routes asp.net-identity asp.net-core-2.1
asked Nov 21 '18 at 6:48
Mohsin KhanMohsin Khan
398
I am not sure how to ask this but here it goes. I am trying to make a route or URL from a controller will be only available to access after login of the user. I don't know to find these code in asp.net core 2.1. I know how to do it for its view part.
@if (SignInManager.IsSignedIn(User)){ //authorized section }
But I am not sure about the controller/route parts. So, I need your help to make learn this properly.
Thank you.
authentication controller routes asp.net-identity asp.net-core-2.1
authentication controller routes asp.net-identity asp.net-core-2.1
asked Nov 21 '18 at 6:48
Mohsin KhanMohsin Khan
398
asked Nov 21 '18 at 6:48
Mohsin KhanMohsin Khan
398
asked Nov 21 '18 at 6:48
Mohsin KhanMohsin Khan
398
asked Nov 21 '18 at 6:48
Mohsin KhanMohsin Khan
398
asked Nov 21 '18 at 6:48
Mohsin KhanMohsin Khan
398
398
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
I'm not sure exactly what you're asking. If your question is how you can make the route not exist at all, that is impossible. If it's exposed, it's exposed. However, you can force a user to be authorized to access it, which brings me to the next possible interpretation: how do you force a user to be authorized in order to access a particular route. That is simple; you just decorate the action with the Authorize attribute:
[Authorize]
public IActionResult OnlyForAuthenticateUsers()
You can also decorate the controller class, instead, which will protect every action in the controller:
[Authorize]
public class MyController
If you just need one or so actions to be open, such as a "signin" action in a controller that otherwise has actions only available to authenticated users, then you can utilize the AllowAnonymous attribute:
[AllowAnonymous]
public IActionResult SignIn()
Finally, the Authorize attribute also lets you specify roles and/or policies that must be satisfied in addition to being authenticated. For example, to lock down a particular action to only "Admin" users, you might do something like [Authorize(Roles = "Admin")].
answered Nov 21 '18 at 13:47
Chris PrattChris Pratt
153k20238301
I am really new to asp.net core. So I can't actually express myself properly when I am talking about it. And I think I got what I want, sir. Thank you very much
– Mohsin Khan
Nov 21 '18 at 17:55
add a comment |
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53406627%2fhow-to-make-a-route-available-only-after-login-in-asp-net-core-2-1%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
I'm not sure exactly what you're asking. If your question is how you can make the route not exist at all, that is impossible. If it's exposed, it's exposed. However, you can force a user to be authorized to access it, which brings me to the next possible interpretation: how do you force a user to be authorized in order to access a particular route. That is simple; you just decorate the action with the Authorize attribute:
[Authorize]
public IActionResult OnlyForAuthenticateUsers()
You can also decorate the controller class, instead, which will protect every action in the controller:
[Authorize]
public class MyController
If you just need one or so actions to be open, such as a "signin" action in a controller that otherwise has actions only available to authenticated users, then you can utilize the AllowAnonymous attribute:
[AllowAnonymous]
public IActionResult SignIn()
Finally, the Authorize attribute also lets you specify roles and/or policies that must be satisfied in addition to being authenticated. For example, to lock down a particular action to only "Admin" users, you might do something like [Authorize(Roles = "Admin")].
answered Nov 21 '18 at 13:47
Chris PrattChris Pratt
153k20238301
I am really new to asp.net core. So I can't actually express myself properly when I am talking about it. And I think I got what I want, sir. Thank you very much
– Mohsin Khan
Nov 21 '18 at 17:55
add a comment |
I'm not sure exactly what you're asking. If your question is how you can make the route not exist at all, that is impossible. If it's exposed, it's exposed. However, you can force a user to be authorized to access it, which brings me to the next possible interpretation: how do you force a user to be authorized in order to access a particular route. That is simple; you just decorate the action with the Authorize attribute:
[Authorize]
public IActionResult OnlyForAuthenticateUsers()
You can also decorate the controller class, instead, which will protect every action in the controller:
[Authorize]
public class MyController
If you just need one or so actions to be open, such as a "signin" action in a controller that otherwise has actions only available to authenticated users, then you can utilize the AllowAnonymous attribute:
[AllowAnonymous]
public IActionResult SignIn()
Finally, the Authorize attribute also lets you specify roles and/or policies that must be satisfied in addition to being authenticated. For example, to lock down a particular action to only "Admin" users, you might do something like [Authorize(Roles = "Admin")].
answered Nov 21 '18 at 13:47
Chris PrattChris Pratt
153k20238301
I am really new to asp.net core. So I can't actually express myself properly when I am talking about it. And I think I got what I want, sir. Thank you very much
– Mohsin Khan
Nov 21 '18 at 17:55
add a comment |
I'm not sure exactly what you're asking. If your question is how you can make the route not exist at all, that is impossible. If it's exposed, it's exposed. However, you can force a user to be authorized to access it, which brings me to the next possible interpretation: how do you force a user to be authorized in order to access a particular route. That is simple; you just decorate the action with the Authorize attribute:
[Authorize]
public IActionResult OnlyForAuthenticateUsers()
You can also decorate the controller class, instead, which will protect every action in the controller:
[Authorize]
public class MyController
If you just need one or so actions to be open, such as a "signin" action in a controller that otherwise has actions only available to authenticated users, then you can utilize the AllowAnonymous attribute:
[AllowAnonymous]
public IActionResult SignIn()
Finally, the Authorize attribute also lets you specify roles and/or policies that must be satisfied in addition to being authenticated. For example, to lock down a particular action to only "Admin" users, you might do something like [Authorize(Roles = "Admin")].
answered Nov 21 '18 at 13:47
Chris PrattChris Pratt
153k20238301
I'm not sure exactly what you're asking. If your question is how you can make the route not exist at all, that is impossible. If it's exposed, it's exposed. However, you can force a user to be authorized to access it, which brings me to the next possible interpretation: how do you force a user to be authorized in order to access a particular route. That is simple; you just decorate the action with the Authorize attribute:
[Authorize]
public IActionResult OnlyForAuthenticateUsers()
You can also decorate the controller class, instead, which will protect every action in the controller:
[Authorize]
public class MyController
If you just need one or so actions to be open, such as a "signin" action in a controller that otherwise has actions only available to authenticated users, then you can utilize the AllowAnonymous attribute:
[AllowAnonymous]
public IActionResult SignIn()
Finally, the Authorize attribute also lets you specify roles and/or policies that must be satisfied in addition to being authenticated. For example, to lock down a particular action to only "Admin" users, you might do something like [Authorize(Roles = "Admin")].
answered Nov 21 '18 at 13:47
Chris PrattChris Pratt
153k20238301
answered Nov 21 '18 at 13:47
Chris PrattChris Pratt
153k20238301
answered Nov 21 '18 at 13:47
Chris PrattChris Pratt
153k20238301
answered Nov 21 '18 at 13:47
Chris PrattChris Pratt
153k20238301
153k20238301
I am really new to asp.net core. So I can't actually express myself properly when I am talking about it. And I think I got what I want, sir. Thank you very much
– Mohsin Khan
Nov 21 '18 at 17:55
add a comment |
I am really new to asp.net core. So I can't actually express myself properly when I am talking about it. And I think I got what I want, sir. Thank you very much
– Mohsin Khan
Nov 21 '18 at 17:55
I am really new to asp.net core. So I can't actually express myself properly when I am talking about it. And I think I got what I want, sir. Thank you very much
– Mohsin Khan
Nov 21 '18 at 17:55
I am really new to asp.net core. So I can't actually express myself properly when I am talking about it. And I think I got what I want, sir. Thank you very much
– Mohsin Khan
Nov 21 '18 at 17:55
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53406627%2fhow-to-make-a-route-available-only-after-login-in-asp-net-core-2-1%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
