Authentication

You can use the [Authorize] attribute from Microsoft.AspNetCore.Authorization in ASP.NET Core to require a logged-in user for a particular action, or an entire controller. To require authentication for all actions of the TodoController, add this attribute above the first line of the controller:

[Authorize]
public class TodoController : Controller
{
    // ...
}

Try running the application and accessing /todo without being logged in. You'll be redirected to the login page automatically.

Last updated