c# - How to protect a website with authorization without a user signing in? -


the scenario a signed in user prepares material , dispatches number of email addresses. in each email, there's link webpage visitors can read , leave suggestions.

since can't request visitors register themselves, pages visited exposed without authorization. 1 requires valid guid hit existing page, though.

my question if there's method provide authorization of users not signed in. guid token sent out email accounts best protection can offer, given can't bothered sign in manually themselves?

i rejected idea of tracking ip numbers since can't guarantee won't accessing website different locations.

you can use shared access signature approach. azure uses getting access storage (with policies expiration time, etc), onedrive uses similar approach sharing files, etc. think (you mentioned azure) can use azure storage sas mechanisms that. without expiration , other policies , guid, believe, not ideal solution.


Comments

Popular posts from this blog

Django REST Framework perform_create: You cannot call `.save()` after accessing `serializer.data` -

Why does Go error when trying to marshal this JSON? -