在 .NET Core MVC 中,如何在 AuthorizationHandler 中访问 DbContext?
In .NET Core MVC, how do I access the DbContext while inside an AuthorizationHandler?
这是我配置服务的启动代码:
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc();
services.AddDbContext<ThisApplicationDbContext>(options =>
options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));
services.AddAuthentication(
SharedOptions => SharedOptions.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme);
services.AddAuthorization(
options => { options.AddPolicy("ValidUsers",
policy =>
{
policy.Requirements.Add(new ValidUserAuthorization());
});
});
}
这里是授权用户的class:
public class ValidUserAuthorization : AuthorizationHandler<ValidUserAuthorization>, IAuthorizationRequirement
{
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, ValidUserAuthorization requirement)
{
string username = context.User.Identity.Name;
if (context.User.Identity.Name == "hardcoded-username")
{
context.Succeed(requirement);
}
return Task.CompletedTask;
}
}
我想更改我的授权 class (ValidUserAuthorization) 以便能够在我的应用程序数据库中查找用户名(通过 ThisApplicationDbContext 访问),而不是比较针对硬编码字符串。
获取此数据库上下文(已在 ConfigureServices 中初始化)并授权 class 使用它的最佳方法是什么?
一种可能的方法是将 DbContext 的类型作为通用类型传递:
public class ValidUserAuthorization<TDbContext> : AuthorizationHandler<ValidUserAuthorization>, IAuthorizationRequirement
where TDbContext : DbContext, new()
{
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, ValidUserAuthorization requirement)
{
using (TDbContext db = new TDbContext())
{
// ...
}
}
}
然后您可以在 ConfigureServices 方法中像这样创建 ValidUserAuthorization 对象:
policy.Requirements.Add(new ValidUserAuthorization<ThisApplicationDbContext>());
这是我配置服务的启动代码:
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc();
services.AddDbContext<ThisApplicationDbContext>(options =>
options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));
services.AddAuthentication(
SharedOptions => SharedOptions.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme);
services.AddAuthorization(
options => { options.AddPolicy("ValidUsers",
policy =>
{
policy.Requirements.Add(new ValidUserAuthorization());
});
});
}
这里是授权用户的class:
public class ValidUserAuthorization : AuthorizationHandler<ValidUserAuthorization>, IAuthorizationRequirement
{
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, ValidUserAuthorization requirement)
{
string username = context.User.Identity.Name;
if (context.User.Identity.Name == "hardcoded-username")
{
context.Succeed(requirement);
}
return Task.CompletedTask;
}
}
我想更改我的授权 class (ValidUserAuthorization) 以便能够在我的应用程序数据库中查找用户名(通过 ThisApplicationDbContext 访问),而不是比较针对硬编码字符串。
获取此数据库上下文(已在 ConfigureServices 中初始化)并授权 class 使用它的最佳方法是什么?
一种可能的方法是将 DbContext 的类型作为通用类型传递:
public class ValidUserAuthorization<TDbContext> : AuthorizationHandler<ValidUserAuthorization>, IAuthorizationRequirement
where TDbContext : DbContext, new()
{
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, ValidUserAuthorization requirement)
{
using (TDbContext db = new TDbContext())
{
// ...
}
}
}
然后您可以在 ConfigureServices 方法中像这样创建 ValidUserAuthorization 对象:
policy.Requirements.Add(new ValidUserAuthorization<ThisApplicationDbContext>());