ASP.NET MVC - Image Only + Verified Users Only

Question

ASP.NET MVC - Image Only + Verified Users Only

Is it possible in any way to allow authenticated users to view certain images? I am creating a web gallery at the moment and I do not want unidentified users to see images.

+4

asp.net-mvc asp.net-mvc-3

ebb Apr 9 '11 at 17:20

source share

2 answers

Yes, you can hide images from non-authenticated users.

Depending on how your images are displayed, you can hide them through

1. Using the Authorize attribute in a controller action

2. HTML expose in a view that displays images in

 if (User.Identity.IsAuthenticated) { // image HTML here }

You will want to place the images somewhere where they cannot be viewed without authentication, for example, in App_Data , as Darin suggests.

0

Russ cam Apr 9 '11 at 17:27

source share

Darin Dimitrov · Accepted Answer · 2011-04-09T17:22:22+0000

You can place these images somewhere on a server where users do not have access (for example, to the ~/App_Data ) to prevent direct access to them, and then use the controller action to serve them. This action will be decorated with the Authorize attribute to allow only its authorized users:

 [Authorize] public ActionResult Image(string name) { var appData = Server.MapPath("~/App_Data"); var image = Path.Combine(appData, name + ".png"); return File(image, "image/png"); }

and then:

 <img src="@Url.Action("Image", "SomeController", new { name = "foo" })" alt="" />

Inside the view, you can also check if the user is checked before displaying the image.

ASP.NET MVC - Image Only + Verified Users Only

More articles: