이 Daniel`s 응답을 바탕으로, 내가
[HttpPost]
[AllowAnonymous]
[IgnoreAntiforgeryToken]
public ActionResult Index()
{
if (!User.Identity.IsAuthenticated)
{
return NewIndex();
}
// rest of action
}
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult NewIndex()
{
// body of new action
}
에 docs draft에 따라 다른 옵션을 코드를 변경, 서비스로 Antiforgery
를 주입입니다.
Project.json
"Microsoft.AspNetCore.Antiforgery": "1.0.0"
Startup.cs는
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory, IAntiforgery antiforgery)
{
...
public void ConfigureServices(IServiceCollection services)
{
services.AddAntiforgery();
...
나서 검증 컨트롤러.
public class MyController : Controller
{
private readonly IAntiforgery _antiforgery;
public AccountController(IAntiforgery antiforgery)
{
_antiforgery = antiforgery;
}
public ActionResult Index()
{
if (!User.Identity.IsAuthenticated)
{
await _antiforgery.ValidateRequestAsync(HttpContext);
}
// rest of action
}
}