MVC Authentication and Antiforgery token with Durandal SPA template

前端 未结 1 1656
死守一世寂寞
死守一世寂寞 2021-01-30 11:14

Some areas of my SPA need to be open to all users, and some areas require authentication. In these areas, it\'s the data loaded via AJAX that I want to protect.

I have a

相关标签:
1条回答
  • 2021-01-30 11:40

    I prefer to pass the antiforgery token in the header. This way its easy to parse out of the request on the server because its not intermingled with your form's data.

    I then created a custom action filter to check for the antiforgery token.

    I created a post already on how to do this.

    0 讨论(0)
提交回复
热议问题