zoukankan      html  css  js  c++  java
  • AuthorizeAttribute 之 AllowAnonymous & ActionAuthorize

        [ActionAuthorize]
        public class HomeController : Controller
        {
            private readonly ILogger<HomeController> _logger;
    
            public HomeController(ILogger<HomeController> logger)
            {
                _logger = logger;
            }
    
            public IActionResult Index()
            {
                return View();
            }
    
            public IActionResult Index2(long userid)
            {
                return View();
            }
    
            public JsonResult GetCall()
            {
                return new JsonResult("test");
            }
    
            [AllowAnonymous]
            public JsonResult GetCallNoAuth()
            {
                return new JsonResult("no auth");
            }
    
            public IActionResult AuthFail()
            {
                return View();
            }
    
            public IActionResult AccessFail()
            {
                return View();
            }
    
            public IActionResult Privacy()
            {
                return View();
            }
    
            [ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
            public IActionResult Error()
            {
                return View(new ErrorViewModel { RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier });
            }
        }
    

      

         public class ActionAuthorizeAttribute : AuthorizeAttribute, IAuthorizationFilter
        {
            private long _targetUserId = 1;
            private string _notAllowedAction =  "deny" ;
            public void OnAuthorization(AuthorizationFilterContext filterContext)
            {
                var query = filterContext.HttpContext.Request.Query;
                if (!query.ContainsKey("userid") || query["userid"].ToString() != _targetUserId.ToString())
                {
                    filterContext.Result = new RedirectToActionResult("home", "AuthFail", null);
                    return;
                }
                var routes = filterContext.HttpContext.Request.RouteValues;
                if (routes.ContainsKey(_notAllowedAction))
                {
                    filterContext.Result = new RedirectToActionResult("home", "AccessFail", null);
                    return;
                }
                return;
    
            }
        }
    

      

  • 相关阅读:
    MySql 范式
    MySql 多表关系
    MySql 约束条件
    MySql 枚举和集合 详解
    【RoR win32】新建rails项目找不到script/server的解决办法
    【RoR win32】安装RoR
    【RoR win32】提高rails new时bundle install运行速度
    【bs4】安装beautifulsoup
    【py分析网页】可能有用的-re去除网页上的杂碎
    【pyQuery】抓取startup news首页
  • 原文地址:https://www.cnblogs.com/panpanwelcome/p/14864063.html
Copyright © 2011-2022 走看看