- ASP.NET Web API Security Essentials
- Rajesh Gunasundaram
- 88字
- 2021-07-30 10:15:54
Authorization inside a controller action
Sometimes, it may be required to change the behavior after processing the request based on the principal. In such scenarios, we can implement authorization in a controller action. For example, if you would like to manipulate the response based on the user's role, we can verify the logged-in user role from the ApiController.User property in the action method itself:
public HttpResponseMessage Get()
{
if (!User.IsInRole("Admin"))
{
// manipulate the response to eliminate information that shouldn't be shared with non admin users
}
}
推薦閱讀
- Learning Single:page Web Application Development
- 大話PLC(輕松動漫版)
- VMware View Security Essentials
- Mastering AWS Lambda
- HTML5+CSS3基礎(chǔ)開發(fā)教程(第2版)
- Mastering matplotlib
- 深入淺出Serverless:技術(shù)原理與應(yīng)用實(shí)踐
- Python Data Analysis Cookbook
- Visual Basic程序設(shè)計(jì)實(shí)驗(yàn)指導(dǎo)(第二版)
- Learning Material Design
- Java Web開發(fā)實(shí)例大全(基礎(chǔ)卷) (軟件工程師開發(fā)大系)
- Python網(wǎng)絡(luò)爬蟲實(shí)例教程(視頻講解版)
- 現(xiàn)代C++語言核心特性解析
- Learning Redux
- Moodle 3.x Developer's Guide