Let's assume I implemented token based authorization with a custom filter attribute as described here.Let's also assume, I have a controller that returns tasks:\[code\]public IEnumerable<Task> Get(){ // return tasks for authorized user}\[/code\]Now, how would I go about returning only the tasks for the authorized user? Passing the user ID as a query parameter is not an option - it is forbidden to request the tasks of a different user.
Authorization in ASP.NET Web API: Return data specific to authorized user
- Thread starter hoho_dz
- Start date