You've created a new ASP.NET Core application with user registration. Now, you want to ensure that only registered users can post comments. Which attribute would you use to implement this restriction?

  • [AllowAnonymous]
  • [Authorize]
  • [Authorize(Roles = "Admin")]
  • [Authorize(Roles = "User")]
To restrict access to registered users only, you would use the [Authorize] attribute. This attribute can be applied at the controller or action level and ensures that only authenticated users can access the specified resources. It doesn't require specifying roles, as it already implies authenticated users. [AllowAnonymous] would allow both anonymous and registered users, while [Authorize(Roles = "Admin")] and [Authorize(Roles = "User")] are role-based authorizations and are not suitable for this scenario.
Add your answer
Loading...

Leave a comment

Your email address will not be published. Required fields are marked *