Filters in MVC (Action, Authorization, Exception) in ASP.NET Core
๐ก Concept Name
Filters in MVC (Action, Authorization, Exception) - ASP.NET Core
๐ Quick Intro
Filters in ASP.NET Core MVC are attributes that let you inject logic into the MVC request pipeline. They allow developers to perform cross-cutting operations like authorization, logging, exception handling, and response caching. They execute before or after various request stages.
๐ง Analogy / Short Story
Think of filters like airport security checkpoints. Before you reach your flight (controller/action), you go through ID check (Authorization Filter), baggage scan (Action Filter), and if something goes wrong, a supervisor handles it (Exception Filter). Each step ensures safety, compliance, and a smooth journey.
๐ง Technical Explanation
ASP.NET Core MVC provides five types of filters: Authorization, Resource, Action, Result, and Exception filters.
These filters implement corresponding interfaces like IAuthorizationFilter, IActionFilter, and IExceptionFilter.
You can apply them globally, at controller-level, or per-action using attributes.
๐ฏ Purpose & Use Case
- โ Apply global authentication and authorization logic
- โ Log request/response at action level
- โ Catch and handle unhandled exceptions
- โ Modify the result or short-circuit pipeline
- โ Reuse logic across multiple actions/controllers
๐ป Real Code Example
// Action Filter Example
public class LogActionFilter : IActionFilter
{
public void OnActionExecuting(ActionExecutingContext context)
{
Console.WriteLine("Before Action runs");
}
public void OnActionExecuted(ActionExecutedContext context)
{
Console.WriteLine("After Action runs");
}
}
// Exception Filter Example
public class GlobalExceptionFilter : IExceptionFilter
{
public void OnException(ExceptionContext context)
{
context.Result = new ContentResult {
Content = "Oops! Something went wrong.",
StatusCode = 500
};
context.ExceptionHandled = true;
}
}
โ Interview Q&A
Q1: What are filters in MVC?
A: Components that inject logic into the MVC request pipeline.
Q2: Name some filter types.
A: Authorization, Action, Result, Exception, Resource.
Q3: Which filter handles exceptions globally?
A: Exception Filter.
Q4: What is the execution order of filters?
A: Authorization โ Resource โ Action โ Result โ Exception (on error).
Q5: How do you apply a filter to all controllers?
A: Register it in Startup.cs inside services.AddControllers(options => options.Filters.Add(...))
Q6: Can filters short-circuit a request?
A: Yes, e.g., Authorization filter can stop execution if unauthorized.
Q7: How to create a custom action filter?
A: Implement IActionFilter or use ActionFilterAttribute.
Q8: Difference between middleware and filters?
A: Middleware runs globally; filters are scoped to MVC pipeline.
Q9: Can filters be asynchronous?
A: Yes, by implementing IAsyncActionFilter, etc.
Q10: What is the main use of AuthorizationFilter?
A: To enforce security before the action executes.
Q1: Which filter is responsible for access control?
- A. Authorization Filter
- B. Action Filter
- C. Result Filter
- D. Exception Filter
Q2: How do you create a global filter?
- A. Add attribute to every controller
- B. Register in
Startup.csusingservices.AddControllers() - C. Add in
Configure()method - D. Use global variable
๐ก Bonus Insight
Use filters when you need logic to run consistently across multiple controllers/actions, like logging, metrics, authentication, or exception handling. They're more modular than middleware for MVC-specific tasks.
๐ PDF Download
Need a handy summary for your notes? Download this topic as a PDF!