Liam
Reputation: 1199
Preventing authorized users from accessing an action
I know if I have a method and I only want Authenticated uses to use it I can mark it with:
[Authorize]
If I have a method where I want both authorized and non authorized people to use it I can mark a method with:
[AllowAnonymous]
If I have a method where only Anonymous users can use and not Authenticated users how can I do this?
Upvotes: 1
Views: 53
Answers (1)
haim770
Reputation: 49123
You can use this UnAuthenticatedOnlyAttribute:
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, Inherited = true, AllowMultiple = false)]
public class UnAuthenticatedOnlyAttribute : ActionFilterAttribute
{
public string RedirectTo { get; set; } = "/Error";
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
var user = filterContext.HttpContext.User;
if (user != null && user.Identity != null && user.Identity.IsAuthenticated)
filterContext.Result = new RedirectResult(RedirectTo);
}
}
Usage:
[UnAuthenticatedOnly(RedirectTo = "/Main")]
public ActionResult Login()
{
// ...
}
Upvotes: 1
Related Questions
- Excluding an action from authorization in ASP.NET MVC 2
- How to restrict access of controller action in ASP.net MVC 5
- Restricting access to controller actions for non logged in users in MVC 4
- Best way of preventing access to an action in mvc
- MVC protecting accessing some action
- Restricting access to action methods in controller in Asp.net MVC
- How to restrict access to certain actions in controller in ASP.net MVC
- Using ASP.NET MVC Controller Action with authorized and unauthorized users
- Restricting Access to MVC Actions
- Only allow access to action if redirected from specific action