AI OnAI Off
Redirect to Epi login screen
If you set the page permissions to not allow the everyone permission and only allow the groups you want access you'll not be able to see or access the page without logging in
Aug 08, 2023 15:51
Hi Matias
Unless you have some strict requirements, I would just control the access rights on the page in the editor. There you can remove "Everyone" and "Authenticated" from the allowed users/groups. So you won't need to implement this logic in code.
However, keep in mind that access rights on a sub-tree be overwritten in Admin Mode. In which case such pages could theoretically be available.
Aug 08, 2023 16:04
Another way, if you want to control this in controller code, so it can never be inadvertently made public, is to decorate the controller with [Authorize(Roles="WebAdmins")]. Or any other roles you wish to support.
This will automatically handle the redirect logic that you were trying to implement in your sample.
Edited,
Aug 08, 2023 16:06
Why not just decorate you controller and/or action with the [Authorize] attribute? The authorization middleware will handle the redirect autmotically for you. Otherwise you can just do return Challenge() to force a redirect.
Aug 08, 2023 16:08
This topic was created over six months ago and has been resolved. If you have a similar question, please create a new topic and refer to this one.
Hi,
I had some subpage, which I wan't to be available only for logged in administratiors (redirecting back after login is nice to have feature and that also works)
I already had working code, but I am wondering if there is a better way to do this, especially as I don't like the harcoded path `/Util/login.aspx?` to be there.
Tried googling that, with no success :/
I will appreciate any suggestions ;)