是否有可能禁止在MVC控制器上一个动作授权？ [英] Is it possible to disable authorization on one action in an MVC controller?

问题描述

我有一个控制器上的授权属性，但我想将其关闭上一个动作。
我创建了自己的授权过滤器，并添加无名氏进入角色列表。在我的过滤器我那么如果匿名出现在角色列表返回true。

I have an authorization attribute on a controller, but I'd like to turn it off on one action. I created my own authorization filter and added "Anonymous" into the Roles list. In my filter I then return true if Anonymous appears in the role list.

但是，它似乎并没有让过去的登录页面，如果控制器授权是pre-先发制人别的了。

However, it doesn't seem to get past the login page as if the controller authorization is pre-empting anything else.

推荐答案

您可以添加[授权]到控制器类，然后你不希望被授权单个动作加上[使用AllowAnonymous。例如：

You can add [Authorize] To the controller class, and then add [AllowAnonymous] to the single action you don't want to be authorized. Example:

[Authorize]
    public class AccountController : Controller
    {
        public ActionResult Profile()
        {
            return View();
        }

        [AllowAnonymous]
        public ActionResult Login()
        {
            return View();
        }
    }

这篇关于是否有可能禁止在MVC控制器上一个动作授权？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！