Join Jess Chadwick for an in-depth discussion in this video Secure controller actions from unauthorized access, part of Learn ASP.NET Core MVC: The Basics.
- [Instructor] At this point, I've shown you…pretty much everything you need to know…in order to build an ASP.NET Core MVC application,…including how to accept data from users.…However, it's rarely a good idea…to just leave these kinds of things open…for the entire internet to use.…So, in this chapter I'll show you how…you can protect your site by making sure…that all of that data is actually coming…from the users that you expect.…The first step in locking down your site…is surprisingly simple.…Just place a single attribute named Authorize…on the controller actions that you wish…to restrict access to and those controller actions…will no longer be available to users…who haven't authorized themselves…as being able to access them.…
To demonstrate, I'll try putting this attribute…on the create controller action in the blog controller.…This attribute lives in yet another package.…So go ahead and add that package reference to your project.…With this attribute in place,…I can try navigating to the Create a Blog Post page…
- Building blocks of ASP.NET Core applications
- Creating a new project
- Responding to HTTP requests
- Serving static files
- Understanding the MVC pattern
- Handling requests with controllers
- Rendering HTML with Razor
- Rendering data, view markup, and view logic
- Creating HTML forms
- Validating form data
- Reading and writing from a database with Entity Framework
- Improving the user experience
- Exposing data with a web API
- Securing your ASP.NET application
Skill Level Intermediate
1. The Basics
2. The Model-View-Controller (MVC) Pattern
Understand routing4m 24s
3. Render HTML with Views
4. Work with Data
5. Improve User Experience with Ajax and Web APIs
6. Secure Your Application
Next steps1m 42s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.