13 The MVC and Razor Pages filter pipeline

In part 1 I covered the MVC and Razor Pages frameworks of ASP.NET Core in some detail. You learned how routing is used to select an action method or Razor Page to execute. You also saw model binding, validation, and how to generate a response by returning an IActionResult from your actions and page handlers. In this chapter I’m going to head deeper into the MVC/Razor Pages frameworks and look at the filter pipeline, sometimes called the action invocation pipeline.

MVC and Razor Pages use several built-in filters to handle cross-cutting concerns, such as authorization (controlling which users can access which action methods and pages in your application). Any application that has the concept of users will use authorization filters as a minimum, but filters are much more powerful than this single use case.

13.1 Understanding filters and when to use them

13.1.1 The MVC filter pipeline

13.1.2 The Razor Pages filter pipeline

13.1.3 Filters or middleware: Which should you choose?

13.1.4 Creating a simple filter

13.1.5 Adding filters to your actions, controllers, Razor Pages, and globally

13.1.6 Understanding the order of filter execution

13.2 Creating custom filters for your application

13.2.1 Authorization filters: Protecting your APIs

13.2.2 Resource filters: Short-circuiting your action methods

13.2.3 Action filters: Customizing model binding and action results

13.2.4 Exception filters: Custom exception handling for your action methods

13.2.5 Result filters: Customizing action results before they execute

13.2.6 Page filters: Customizing model binding for Razor Pages

13.3 Understanding pipeline short-circuiting

13.4 Using dependency injection with filter attributes

Summary