Securing an action method in a Controller

For the sake of explanation, let us assume that the About page is a secure page and only authenticated users should be able to access it.

We just have to decorate the About action method in the Home controller with an[Authorize] attribute:

[Authorize] 
        public IActionResult About() 
        { 
            ViewData["Message"] = "This is my about page"; 
            return View(); 
        } 

Making the preceding change will redirect the user to the log-in page when the user tries to access the log-in page without logging in to the application:

Securing an action method in a Controller

In the following screenshot, you will notice an additional query parameter, ReturnURL, in the URL. This ReturnURL ...

Get ASP.NET Core: Cloud-ready, Enterprise Web Application Development now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.