I'm learning about ASP.Net membership and I want to be able to only allow people to use certain actions if they are logged in. I am currently using the default template for ASP.Net membership provided by Microsoft when you create a new internet application project using MVC 4. I have tried marking actions with the [Authorize] attribute but that doesn't seem to block users who aren't logged in from viewing a page. Is there an easy way of implementing this or another attribute I should be looking at? I am also looking for a way to redirect people if they're not logged in to the login page?
Example Code:
[Authorize]
public ActionResult Register()
{
return View();
}
//
// POST: /Account/Register
[HttpPost]
[Authorize]
[ValidateAntiForgeryToken]
public ActionResult Register(RegisterModel model)
One thing I can think of is you might have Windows authentication mode.
Please make sure you are using Forms Authentication .
For example,
<system.web>
...
<authentication mode="Forms">
<forms loginUrl="~/Account/Login" timeout="2880"/>
</authentication>
...
</system.web>
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.