search

janjongboom / Moth

Moth has all the awesomness Steve Souders thaught you about fast websites, but fully integrated in your ASP.NET MVC project!
27 stars 5 forks source link

AllowAnonymous Requests #18

Open kijanawoodard opened 12 years ago

kijanawoodard commented 12 years ago

MVC4 project. GlobalFilters: filters.Add(new System.Web.Mvc.AuthorizeAttribute());

The vast majority of my pages are secured so this works well.

I have the AllowAnonymous attribute on my Login page and a landing page.

Moth makes it's requests through a controller so the requests are blocked unless the user is logged in.

I'm faced with making "manual" stylesheet requests for unsecured pages or turning off global security and "manually" securing most of my controllers.

Could the Moth resource controllers have the AllowAnonymous attribute applied?

kijanawoodard commented 12 years ago

I'm using the following class to open up Moth. Maybe this is good enough?

public class CustomAuthorizeAttribute : System.Web.Mvc.AuthorizeAttribute
{
    public override void OnAuthorization(AuthorizationContext filterContext)
    {
        if (!(filterContext.Controller is ResourcesController))
            base.OnAuthorization(filterContext);
    }
}