From the course: Learning ASP.NET Core MVC
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Secure controller actions from unauthorized access
From the course: Learning ASP.NET Core MVC
Secure controller actions from unauthorized access
- [Instructor] At this point, I've shown you pretty much everything you need to know in order to build an ASP.NET Core MVC application, including how to accept data from users. However, it's rarely a good idea to just leave these kinds of things open for the entire internet to use. So, in this chapter I'll show you how you can protect your site by making sure that all of that data is actually coming from the users that you expect. The first step in locking down your site is surprisingly simple. Just place a single attribute named Authorize on the controller actions that you wish to restrict access to and those controller actions will no longer be available to users who haven't authorized themselves as being able to access them. To demonstrate, I'll try putting this attribute on the create controller action in the blog controller. This attribute lives in yet another package. So go ahead and add that package reference to your project. With this attribute in place, I can try navigating…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.