How to force only anonymous access to controller a

2019-04-29 18:50发布

I can use the [AllowAnonymous] attribute to permit a user to access a controller action, but is there an attribute to permit only anonymous users to an action? e.g. [AllowAnonymousOnly]

标签： c# asp.net-mvc authentication asp.net-mvc-5

2条回答

小情绪 Triste *

2楼-- · 2019-04-29 19:24

You could check the authentication of the user. If the user is logged in, then redirect him away from the controller. This can be achieved as follows using MVC's role provider:

        if(User.Identity.IsAuthenticated)
        {
            return RedirectToRoute("home");
        }

If the user is not logged in, this will then allow the user to view the contents of the page.

0人赞添加讨论(0) 举报

混吃等死

3楼-- · 2019-04-29 19:49

No. It doesn't exist.

However, you can create it by creating your own attribute inheriting from the AuthorizeAttribute.

Here's an example.

Yours would look like:

public class AllowAnonymousOnlyAttribute : AuthorizeAttribute
{    
    protected override bool AuthorizeCore(HttpContextBase httpContext)
    {
        // make sure the user is not authenticated. If it's not, return true. Otherwise, return false
    }
}

0人赞添加讨论(0) 举报

How to force only anonymous access to controller a

采纳回答

编辑标签

举报内容

检举类型

检举原因

检举说明(必填)

打开微信“扫一扫”，打开网页后点击屏幕右上角分享按钮

付费偷看金额在0.1-10元之间