Securing an action method in a Controller
For the sake of explanation, let us assume that the About page is a secure page and only authenticated users should be able to access it.
We just have to decorate the About action method in the Home controller with an[Authorize] attribute:
[Authorize]
public IActionResult About()
{
ViewData["Message"] = "This is my about page";
return View();
}
Making the preceding change will redirect the user to the log-in page when the user tries to access the log-in page without logging in to the application:
In the following screenshot, you will notice an additional query parameter, ReturnURL, in the URL. This ReturnURL parameter will redirect the application to that specific page (the value passed in the ReturnURL parameter—Home/About in our case).
Once you log in, you'll be redirected to the page that you requested earlier:
When you register a new user, the details of the...
