Closed Xorboth closed 3 months ago
This is really outside of this library's scope, but
To make controllers and APIs available to authenticated users only, use the [Authorize]
attribute.
To redirect all user to a login path use this
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(options =>
{
//.,..
options.LoginPath = "/User/Login";
//...
}
This way all anonymous users will be redirected to /User/Login - and that's where you redirect them to IdP
Hello, I love your library, I have one question though. I hope you can help me. I have an ASP.NET web app and I'd like to use this library, and was able to do it. However I can't figure out how to redirect the user to the IdP login page if the user is not logged in. What's troubling me is that without any automatic redirect, all the APIs are still callable from the user even when not logged in, and this is a security problem.