我创建了一个AuthorizationFilter来在访问操作方法时检查授权。代码如下:
public class MyAuthorizeActionFilter : IAuthorizationFilter
{
private readonly int _userAge;
public MyAuthorizeActionFilter(int userAge)
{
_userAge = userAge;
}
public void OnAuthorization(AuthorizationFilterContext context)
{
bool isAuthorized = CheckUserPermission(context.HttpContext.User, _userAge);
if (!isAuthorized)
{
context.Result = new UnauthorizedResult();
}
}
private bool CheckUserPermission(ClaimsPrincipal user, int age)
{
if (user.Claims == null || !user.Claims.Any())
return false;
var dob = Convert.ToDateTime(user.FindFirst(ClaimTypes.DateOfBirth).Value);
var years = DateTime.Today.Year - dob.Year;
return years >= age;
}
}
然后我创建了一个Authorize属性,如下所示:
public class MyAuthorizeAttribute : TypeFilterAttribute
{
public MyAuthorizeAttribute(int age) : base(typeof(MyAuthorizeActionFilter))
{
Arguments = new object[] { age };
}
}
我在控制器操作方法中使用了上面的authorize属性。
[MyAuthorize(21)]
public IActionResult Index()
{
return View();
}
现在的问题是,在取消授权时,系统不会重定向到登录页面。尽管我将以下代码放在启动类的ConfigureService方法中。
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(options =>
{
options.Cookie.Name = "_auth";
options.LoginPath = new PathString("/account/login");
options.LogoutPath = new PathString("/account/logout");
options.AccessDeniedPath = new PathString("/account/login");
});
任何人在未经授权的情况下都能帮助我重定向到登录页面。
在检查授权后的OnAuthorization中,我们可以使用以下代码重定向到帐户/登录页面。
context.Result = new RedirectResult("~/account/login");
OR
context.Result = new RedirectToRouteResult(
new RouteValueDictionary(
new
{
controller = "account",
action = "login"
}));