Reputation: 1617
ASP.net Check if User is logged in Jquery Ajax
I have been playing with JQuery ajax and an ASP.Net webservice. I would like to use this combination to do more than look up information. I would like to add lines to orders and and do other things that will open up holes for security if there is no way to check if the user is logged in or not.
Javascript user checking before running the ajax will not shield from attacks by a semi aware hacker. Am I bound to use ASP.net controls to do all significant data entry?
Upvotes: 1
Views: 710
Answers (2)
Reputation: 2942
You'll need to verify (on the server side) that the current user is logged in. This is easy with MVC by just putting an [Authorize] attribute on the Controller or Method.
Upvotes: 1
Reputation: 27022
Ajax requests send all the same headers (including authentication cookies) as normal requests. Just validate the user against the attempted action and specific data, and you'll be fine.
Upvotes: 3
Related Questions
- ASP.NET MVC - Using Ajax with Jquery to Log in
- Checking the availability of a username in asp.net using ajax
- Check Session before every Jquery Ajax hit
- Check is aspx session expired via jquery ajax request
- How to check if user is logged in
- asp .net mvc3 + check if user is logged in when using $.ajax post
- how can I know if user is logged in
- jquery - ajax testing if logged in?
- Check user is logged in using Jquery
- ASP.Net: Ajax check for registration as a user?