You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Nov 28, 2019. It is now read-only.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@@ -27,7 +27,7 @@ This is where filters come in, allowing you to execute code before and after you
Filters are similar in concept to [middleware](middleware-basic.md) in that you have the option to modify part of the requested operation. Where they differ is in location in the pipeline and their intent: middleware sits outside of the MVC pipeline and is meant more to control application flow whereas filters allow you to deal with a request in the context of access to a specific resource or endpoint.
These two features can easily be imagined by using authentication and authorization. Authentication can be inspected before a request even enters the MVC pipeline, ensuring that the user has the correct cookies, tokens or whatever is configured in order to represent identity. The components of the MVC pipeline are not required. Authorization, on the other hand, is more concerned about things the route, if the user has a particular set of claims to allow them to access a controller or a particular action. Whereas filters have access to aspects of the request, such as identity, that are built up before the MVC pipeline, middleware does not have access to MVC concepts like routing or model binding.
These two features can easily be imagined by using authentication and authorization. Authentication can be inspected before a request even enters the MVC pipeline, ensuring that the user has the correct cookies, tokens or whatever is configured in order to represent identity. The components of the MVC pipeline are not required. Authorization, on the other hand, is more concerned about properties of the route, if the user has a particular set of claims to allow them to access a controller or a particular action. And whereas filters have access to aspects of the request, such as identity, that are built up before the MVC pipeline, middleware does not have access to MVC concepts like routing or model binding.
You will typically see that a filter will be implemented as an attribute, making it pretty straightforward to use them. Here is an example of using an action filter on an action through an attribute:
