Skip to content

Instantly share code, notes, and snippets.

@Grinderofl

Grinderofl/LogonAuthorize.cs

Created October 27, 2011 09:15
Show Gist options
  • Save Grinderofl/1319125 to your computer and use it in GitHub Desktop.
Save Grinderofl/1319125 to your computer and use it in GitHub Desktop.
Download ZIP
C# .NET: Logon Authorization Enforcer when no AllowAnonymousAttribute is defined.
Raw
LogonAuthorize.cs
// --------------------------------------------------------------------------------------------------------------------
// <copyright file="LogonAuthorize.cs" company="">
// Nero Sule
// </copyright>
// <summary>
// Class to enforce authorization on everything that isn't declared with AllowAnonymous Attribute.
// </summary>
// --------------------------------------------------------------------------------------------------------------------
namespace Web.Filters
{
using System.Web.Mvc;
/// <summary>
/// The logon authorization class.
/// </summary>
public class LogonAuthorize : AuthorizeAttribute
{
#region Public Methods
/// <summary>
/// Override authorization to only not require authorization on AllowAnonymous attributed methods
/// </summary>
/// <param name="filterContext">
/// </param>
public override void OnAuthorization(AuthorizationContext filterContext)
{
bool skipAuthorization = filterContext.ActionDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true) ||
filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(
typeof(AllowAnonymousAttribute), true);
if (!skipAuthorization)
{
base.OnAuthorization(filterContext);
}
}
#endregion
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment