You've created a new ASP.NET Core application with user registration. Now, you want to ensure that only registered users can post comments. Which attribute would you use to implement this restriction?
- [AllowAnonymous]
- [Authorize]
- [Authorize(Roles = "Admin")]
- [Authorize(Roles = "User")]
To restrict access to registered users only, you would use the [Authorize] attribute. This attribute can be applied at the controller or action level and ensures that only authenticated users can access the specified resources. It doesn't require specifying roles, as it already implies authenticated users. [AllowAnonymous] would allow both anonymous and registered users, while [Authorize(Roles = "Admin")] and [Authorize(Roles = "User")] are role-based authorizations and are not suitable for this scenario.
Loading...
Related Quiz
- You've been reading about the MVC architecture and are trying to understand the components. If you wanted to add logic to fetch data from a database when a user visits a certain page, which component of MVC would handle this?
- Your manager wants to prevent users from using their username as their password. Which feature in ASP.NET Core Identity helps with this requirement?
- You have an ASP.NET Core application where you've defined all your model configurations using data annotations, but now there's a requirement that cannot be achieved using them. How can you handle this model configuration requirement in Entity Framework Core?
- Which file in an ASP.NET Core project acts as the entry point of the application?
- You read about exception handling middleware in ASP.NET Core and decide to implement one. However, after adding it, you notice that your custom error handling logic isn't being triggered. What could be a common mistake leading to this issue?