title pretty much says it all. I have a website which will only run

Question

0

Asked: May 17, 20262026-05-17T22:36:47+00:00 2026-05-17T22:36:47+00:00

title pretty much says it all. I have a website which will only run

0

title pretty much says it all.

I have a website which will only run behind a login so I want to ensure that nothing can be accessed unless you’re logged in. This includes ActionResults, JsonResults etc…

Currently, I have [Authorize] all over my controllers which is quite tedious and not very DRY 🙂

So can I protect the entire website with 1 magic line of code? (The login page will obviously need to be accessible)

Also, please note that I will still need to further protect some of the Actions to only be used by certain Users/Roles

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-17T22:36:48+00:00

If you have multiple controllers, then make a AuthorizeController from which you inherit your controllers that must be protected. Just set the [Authorize] attribute to the AuthorizeController:

[Authorize]
public class AuthorizeController: Controller
{
}

public class HomeController : AuthorizeController
{
    ...
}

// don't inherit AccountController from AuthorizeController
public class AccountController : Controller
{
    public ActionResult Login()
    {
        ...
    }
}

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

title pretty much says it all. I have a website which will only run

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply