I have edited my question and here is the code which I used for implementing the authentication.
Class which inherits AuthorizeAttribute.
    using System.Web;
    using System.Web.Mvc;

    public class FBxAuth : AuthorizeAttribute
    {
        public FBxAuth()
            : base()
        {
        }

        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            bool isAuthenticated = false;
            if (httpContext.User.Identity.IsAuthenticated)
            {
                // Here I will check whether the user exists in the database.
                // If yes, isAuthenticated = true;
            }
            return isAuthenticated;
        }

        protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
        {
            filterContext.HttpContext.Response.Redirect("/home/Register/?returningURL=" +
                filterContext.HttpContext.Server.UrlEncode(filterContext.HttpContext.Request.Url.ToString()));
        }
    }
My controller
    [FBxAuth]
    public ActionResult Index()
    {
        teamDA = new TeamDataAccess();
        var teams = teamDA.TeamsList();
        return View(teams);
    }
1. Am I following the correct way?
2. How can I check whether the authenticated user is authorized to execute an action in the controller?
For example: delete.
www.abc.com/teams/5/delete will perform the delete.
I can hide the delete link from the UI.
But if a user tries to delete by entering the URL mentioned above, how can I prevent him from executing the action?
You have to do the same thing you did with your Index action: just add the
[FBxAuth] or the common [Authorize] attribute to the action that you want only authenticated users to be allowed to access.
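
An added example (not part of the original question or answer) that takes the attribute approach one step further for the delete case: the filter checks a named permission on the server, so a hand-typed URL is rejected even when the link is hidden. `FBxPermissionAttribute`, `IPermissionStore`, and the permission name `Teams.Delete` are hypothetical names; the redirect target is the one from the question.

```csharp
using System.Web;
using System.Web.Mvc;

// Hypothetical permission lookup; back it with the application's own database query.
public interface IPermissionStore
{
    bool UserHasPermission(string userName, string permission);
}

public class FBxPermissionAttribute : AuthorizeAttribute
{
    public static IPermissionStore Store { get; set; }   // hypothetical; set once at startup
    public string Permission { get; set; }               // e.g. "Teams.Delete" (constructed name)

    protected override bool AuthorizeCore(HttpContextBase httpContext)
    {
        var user = httpContext.User;
        if (user == null || !user.Identity.IsAuthenticated || Store == null)
            return false;   // fail closed when identity or store is missing
        return Store.UserHasPermission(user.Identity.Name, Permission);
    }

    protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
    {
        var http = filterContext.HttpContext;
        if (http.User != null && http.User.Identity.IsAuthenticated)
        {
            // Signed in but lacking the permission: answer 403 instead of a login redirect.
            filterContext.Result = new HttpStatusCodeResult(403);
            return;
        }
        // Not signed in: setting Result makes MVC skip the action and run the redirect.
        filterContext.Result = new RedirectResult("/home/Register/?returningURL=" +
            HttpUtility.UrlEncode(http.Request.Url.ToString()));
    }
}

public class TeamsController : Controller
{
    [HttpPost]                                    // the delete no longer runs on a plain GET URL
    [ValidateAntiForgeryToken]                    // rejects form posts forged from another site
    [FBxPermission(Permission = "Teams.Delete")]
    public ActionResult Delete(int id)
    {
        // Reached only by a permitted user; the application's data layer deletes team `id` here.
        return RedirectToAction("Index");
    }
}
```

The delete form in the view needs `@Html.AntiForgeryToken()` for `[ValidateAntiForgeryToken]` to accept the post.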