zoukankan      html  css  js  c++  java
  • AuthorizeAttribute 之 AllowAnonymous & ActionAuthorize

        [ActionAuthorize]
        public class HomeController : Controller
        {
            private readonly ILogger<HomeController> _logger;
    
            public HomeController(ILogger<HomeController> logger)
            {
                _logger = logger;
            }
    
            public IActionResult Index()
            {
                return View();
            }
    
            public IActionResult Index2(long userid)
            {
                return View();
            }
    
            public JsonResult GetCall()
            {
                return new JsonResult("test");
            }
    
            [AllowAnonymous]
            public JsonResult GetCallNoAuth()
            {
                return new JsonResult("no auth");
            }
    
            public IActionResult AuthFail()
            {
                return View();
            }
    
            public IActionResult AccessFail()
            {
                return View();
            }
    
            public IActionResult Privacy()
            {
                return View();
            }
    
            [ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
            public IActionResult Error()
            {
                return View(new ErrorViewModel { RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier });
            }
        }
    

      

         public class ActionAuthorizeAttribute : AuthorizeAttribute, IAuthorizationFilter
        {
            private long _targetUserId = 1;
            private string _notAllowedAction =  "deny" ;
            public void OnAuthorization(AuthorizationFilterContext filterContext)
            {
                var query = filterContext.HttpContext.Request.Query;
                if (!query.ContainsKey("userid") || query["userid"].ToString() != _targetUserId.ToString())
                {
                    filterContext.Result = new RedirectToActionResult("home", "AuthFail", null);
                    return;
                }
                var routes = filterContext.HttpContext.Request.RouteValues;
                if (routes.ContainsKey(_notAllowedAction))
                {
                    filterContext.Result = new RedirectToActionResult("home", "AccessFail", null);
                    return;
                }
                return;
    
            }
        }
    

      

  • 相关阅读:
    SqlServer:创建索引
    SqlServer:使用视图 View
    SqlServer:修改和删除数据
    网络管理:SNMPv1
    《剑指 Offer》学习记录:题 9:用两个栈实现队列
    《剑指 Offer》学习记录:题 27:二叉树的镜像
    团队冲刺9
    团队冲刺8
    团队冲刺7
    团队冲刺6
  • 原文地址:https://www.cnblogs.com/panpanwelcome/p/14864063.html
Copyright © 2011-2022 走看看