Authorize attribute is not working in my project

Question

I have been working on a project in MVC 5 using Asp.net C#, since a long time, now the project is completed and I have to restrict the unauthorized access, but the Authorize attribute is not working.

This is some portions of web.config file

<appSettings>
  <add key="webpages:Version" value="3.0.0.0" />
  <add key="webpages:Enabled" value="false" />
  <add key="ClientValidationEnabled" value="true" />
   <add key="UnobtrusiveJavaScriptEnabled" value="true" />
</appSettings>
<system.web>
  <authentication mode="None" />
  <compilation debug="true" targetFramework="4.5.2" />
  <httpRuntime targetFramework="4.5.2" />
</system.web>
<system.webServer>
  <modules>
    <remove name="FormsAuthentication" />
  </modules>
</system.webServer>

Answer 1

I have the same problem, but

shouldn't remove in

<remove name="FormsAuthentication" />

be removed?

Edit:

I fixed my problem by adding:

  app.UseMvc();

to my Configure class

and

services.AddMvc().AddMvcOptions(opts =>
            {
                opts.EnableEndpointRouting = false;
            }
            );

to my ConfigureServices class

Hope that is of any help for you

EDIT2:

Take a look at this:

If the app uses authentication/authorization features such as AuthorizePage or [Authorize], place the call to UseAuthentication and UseAuthorization after UseRouting.

So yea... Wasted hours trying to figure this out. Thanks Microsoft. Hopefully this was also your problem.