How to check user permission Role Access before executing a method in ASP.NET MVC4

Question

I have edited my question and here is the code which I used for implementing the authentication.

Class which inherits AuthorizeAttribute.

public class FBxAuth : AuthorizeAttribute
    {

        public FBxAuth()
            : base()
        {

        }
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            bool isAuthenticated = false;
            if (httpContext.User.Identity.IsAuthenticated)
            {
                // here I will check users exists in database.
                // if yes , isAuthenticated=true;
            }
            return isAuthenticated;
        }
        protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
        {
            filterContext.HttpContext.Response.Redirect("/home/Register/?returningURL=" +
                filterContext.HttpContext.Server.UrlEncode(filterContext.HttpContext.Request.Url.ToString()));

        }

    }

My controller

[FBxAuth]
        public ActionResult Index()
        {
            teamDA = new TeamDataAccess();
            var teams = teamDA.TeamsList();

            return View(teams);
        }

1. Am I following the correct way ?

2.How can I check the authenticated user is authorized to execute a action in controller. For eg: delete . www.abc.com/teams/5/ delete will perform delete I can hide the delete link from UI. But if a user tries to delete by giving url mentioned above, how can i prevent him from executing the action ?

Answer 1

您必须执行与Index动作相同的操作，只需将[FBxAuth]或公共[Authorize]属性添加到您希望只允许已验证用户访问的动作即可。