What am doing in my application for authorization is that when a user log in one cookie will be created with the user's id there after in every action i l check the cookie and if its not null then proceeds otherwise redirects to log in page assuming the user is been logged out.
在我的授权申请中正在做的是当用户登录一个cookie时将使用用户的id在每个操作中创建后检查cookie,如果它不为null,则继续重定向到登录页面,假设用户是已退出。
Is there any Good method in MVC so that I can avoid the check in every action. Or a good way for authorization.
MVC中是否有任何Good方法,以便我可以避免每次操作都检查。或者授权的好方法。
1 个解决方案
#1
1
You may use [Authorize] attribute:
您可以使用[授权]属性:
It can't be use for every ActionResult:
它不能用于每个ActionResult:
[Authorize]
public ActionResult Index()
{
return View()
}
Or for controller. In that case you don't need apply attribute for every action:
或者对于控制器。在这种情况下,您不需要为每个操作应用属性:
[Authorize]
public class HomeController : Controller
{
public ActionResult Index()
{
return View()
}
}
If any action in controller with [Authorize] attribute allows nnonymous use, you may use [AllowAnonymous] attribute for it:
如果带有[Authorize]属性的控制器中的任何操作允许使用nnonymous,则可以使用[AllowAnonymous]属性:
[Authorize]
public class HomeController : Controller
{
public ActionResult Index()
{
return View()
}
[AllowAnonymous]
public ActionResult Edit()
{
return View()
}
}
#1
1
You may use [Authorize] attribute:
您可以使用[授权]属性:
It can't be use for every ActionResult:
它不能用于每个ActionResult:
[Authorize]
public ActionResult Index()
{
return View()
}
Or for controller. In that case you don't need apply attribute for every action:
或者对于控制器。在这种情况下,您不需要为每个操作应用属性:
[Authorize]
public class HomeController : Controller
{
public ActionResult Index()
{
return View()
}
}
If any action in controller with [Authorize] attribute allows nnonymous use, you may use [AllowAnonymous] attribute for it:
如果带有[Authorize]属性的控制器中的任何操作允许使用nnonymous,则可以使用[AllowAnonymous]属性:
[Authorize]
public class HomeController : Controller
{
public ActionResult Index()
{
return View()
}
[AllowAnonymous]
public ActionResult Edit()
{
return View()
}
}