I have created two endpoints one for login and other for logout and used JWT token to authorize the endpoint. So when I authorize the whole class using [Authorize] it authorizes both the login and logout endpoint. Not I want to remove authorize functionality from Login endpoint only. So how it can be done?
I tried the same using [AllowAnonymous] but it is not working in my case. Note: I cannot remove authorize from the whole controller and apply it only to the logout endpoint because I have some other cases too and it can not be done.
This is what I tried to do:
[Authorize(JwtBearerDefaults.AuthenticationScheme)]
public class UserController : Controller {
[AllowAnonymous]
public async Task<IActionResult> Login(string userDetails) {
// This action can be accessed by unauthorized users
}
public async Task<IActionResult> Logout(int Id) {
// This action can NOT be accessed by unauthorized users
}
}