如何在 CustomAuthorizeAttribute Web 中添加过滤器 API
How to Add a Filter in CustomAuthorizeAttribute Web API
我想在我的自定义授权属性上设置一个过滤器,但我不知道如何将它添加到我的代码中。我想要这样。
[CustomAuthorize(Roles="Admin, Supervisor, SystemUser")]
[CustomAuthorize(Users="Kenneth,John")]
[CustomAuthorize(Customfilter="Update, View")]
这是我的自定义授权,要在我的代码中添加什么才能拥有过滤器?
public class CustomAuthorizeAttribute : AuthorizeAttribute
{
ApplicationDbContext _context = new ApplicationDbContext(); // my entity
public override void OnAuthorization(HttpActionContext actionContext)
{
if (AuthorizeRequest(actionContext))
{
return;
}
HandleUnauthorizedRequest(actionContext);
}
protected override void HandleUnauthorizedRequest(HttpActionContext actionContext)
{
if (((System.Web.HttpContext.Current.User).Identity).IsAuthenticated)
{
actionContext.Response = new HttpResponseMessage()
{
StatusCode = HttpStatusCode.Unauthorized,
Content = new StringContent("You are unauthorized to access this resource")
};
}
else
{
base.HandleUnauthorizedRequest(actionContext);
}
}
private bool AuthorizeRequest(HttpActionContext actionContext)
{
var user = _context.Users.ToList();
if (user != null)
return true;
else
return false;
}
}
您可以像下面这样使用自定义授权
public class CustomAuthorize : System.Web.Http.AuthorizeAttribute
{
private string Roles { get; set; }
private string Customfilter { get; set; }
private string Users { get; set; }
public CustomAuthorize(string roles, string users,string Customfilter)
{
Roles = roles;
Users = users;
Customfilter = Customfilter
}
//Your default code here
ApplicationDbContext _context = new ApplicationDbContext(); // my entity
public override void OnAuthorization(HttpActionContext actionContext)
{
if (AuthorizeRequest(actionContext))
{
return;
}
HandleUnauthorizedRequest(actionContext);
}
protected override void HandleUnauthorizedRequest(HttpActionContext actionContext)
{
if (((System.Web.HttpContext.Current.User).Identity).IsAuthenticated)
{
actionContext.Response = new HttpResponseMessage()
{
StatusCode = HttpStatusCode.Unauthorized,
Content = new StringContent("You are unauthorized to access this resource")
};
}
else
{
base.HandleUnauthorizedRequest(actionContext);
}
}
private bool AuthorizeRequest(HttpActionContext actionContext)
{
var user = _context.Users.ToList();
if (user != null)
return true;
else
return false;
}
}
我想在我的自定义授权属性上设置一个过滤器,但我不知道如何将它添加到我的代码中。我想要这样。
[CustomAuthorize(Roles="Admin, Supervisor, SystemUser")]
[CustomAuthorize(Users="Kenneth,John")]
[CustomAuthorize(Customfilter="Update, View")]
这是我的自定义授权,要在我的代码中添加什么才能拥有过滤器?
public class CustomAuthorizeAttribute : AuthorizeAttribute
{
ApplicationDbContext _context = new ApplicationDbContext(); // my entity
public override void OnAuthorization(HttpActionContext actionContext)
{
if (AuthorizeRequest(actionContext))
{
return;
}
HandleUnauthorizedRequest(actionContext);
}
protected override void HandleUnauthorizedRequest(HttpActionContext actionContext)
{
if (((System.Web.HttpContext.Current.User).Identity).IsAuthenticated)
{
actionContext.Response = new HttpResponseMessage()
{
StatusCode = HttpStatusCode.Unauthorized,
Content = new StringContent("You are unauthorized to access this resource")
};
}
else
{
base.HandleUnauthorizedRequest(actionContext);
}
}
private bool AuthorizeRequest(HttpActionContext actionContext)
{
var user = _context.Users.ToList();
if (user != null)
return true;
else
return false;
}
}
您可以像下面这样使用自定义授权
public class CustomAuthorize : System.Web.Http.AuthorizeAttribute
{
private string Roles { get; set; }
private string Customfilter { get; set; }
private string Users { get; set; }
public CustomAuthorize(string roles, string users,string Customfilter)
{
Roles = roles;
Users = users;
Customfilter = Customfilter
}
//Your default code here
ApplicationDbContext _context = new ApplicationDbContext(); // my entity
public override void OnAuthorization(HttpActionContext actionContext)
{
if (AuthorizeRequest(actionContext))
{
return;
}
HandleUnauthorizedRequest(actionContext);
}
protected override void HandleUnauthorizedRequest(HttpActionContext actionContext)
{
if (((System.Web.HttpContext.Current.User).Identity).IsAuthenticated)
{
actionContext.Response = new HttpResponseMessage()
{
StatusCode = HttpStatusCode.Unauthorized,
Content = new StringContent("You are unauthorized to access this resource")
};
}
else
{
base.HandleUnauthorizedRequest(actionContext);
}
}
private bool AuthorizeRequest(HttpActionContext actionContext)
{
var user = _context.Users.ToList();
if (user != null)
return true;
else
return false;
}
}