Can you enable [Authorize] for controller but disable it for a single action?

Question

I would like to use [Authorize] for every action in my admin controller except the Login action.

[Authorize (Roles = \"Administrator\"         


        

Answer 1

May be it's not actual, but I wrote my custom attribute:

public class SelectableAuthorizeAttribute : AuthorizeAttribute
{
    public SelectableAuthorizeAttribute(params Type[] typesToExclude)
    {
        _typesToExlude = typesToExclude;
    }

    private readonly Type[] _typesToExlude;

    public override void OnAuthorization(AuthorizationContext filterContext)
    {
        bool skipAuthorization = _typesToExlude.Any(type => filterContext.ActionDescriptor.ControllerDescriptor.ControllerType == type);

        if (!skipAuthorization)
        {
            base.OnAuthorization(filterContext);
        }
    }
}

And then registered it in my global filetrs:

filters.Add(new SelectableAuthorizeAttribute(typeof(MyController)));

Hope that it will be useful for someone