MVC 控制器,动作过滤器不工作
MVC Controller, Action Filters not working
我想为控制器添加 Bearer Authentication,但它不是 运行 Action Filter 中的代码。
我尝试添加 Debug.WriteLine(...);
但它没有在输出中显示任何内容。
获取:
fetch('api/Test/Select', {
headers: {
'Content-type': 'application/json',
'Authorization': `Bearer ${sessionStorage.getItem("token")}`,
},
method: 'GET',
})
和 MVC 控制器:
using System;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Configuration;
using Microsoft.AspNetCore.Hosting;
namespace API
{
[BearerAuthentication] //<-- Action Filter
[Route("api/Test")]
public class TestController : ControllerBase
{
//...
[HttpGet("Select")]
public IActionResult Select()
{
try
{
return Ok(FirstService.Select());
}
catch (Exception ex)
{
return Conflict(ex);
}
}
//...
动作过滤器:
public class BearerAuthenticationAttribute : ActionFilterAttribute
{
public override void OnActionExecuting(HttpActionContext context)
{
Debug.WriteLine("Why are u not working?"); //<-- Debug Console shows nothing
HttpRequestMessage request = context.Request;
AuthenticationHeaderValue authorization = request.Headers.Authorization;
//...
}
}
您的 BearerAuthenticationAttribute
class 扩展了 ActionFilterAttribute
class 但没有实现 IActionFilter
接口的问题。您的 class 必须显式实现 IActionFilter
接口才能触发 OnActionExecuting
方法。
这是 a Microsoft Hands On Lab 的实施示例:
public class CustomActionFilter : ActionFilterAttribute, IActionFilter
{
void IActionFilter.OnActionExecuting(ActionExecutingContext filterContext)
{
// TODO: Add your action filter's tasks here
// Log Action Filter call
using (MusicStoreEntities storeDb = new MusicStoreEntities())
{
ActionLog log = new ActionLog()
{
Controller = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName,
Action = string.Concat(filterContext.ActionDescriptor.ActionName, " (Logged By: Custom Action Filter)"),
IP = filterContext.HttpContext.Request.UserHostAddress,
DateTime = filterContext.HttpContext.Timestamp
};
storeDb.ActionLogs.Add(log);
storeDb.SaveChanges();
OnActionExecuting(filterContext);
}
}
}
如果您的身份验证方法是不记名的,那么您只需执行 [Authorize]
并且不要忘记使用 [ApiController]
这样 .net 就知道它需要验证每个端点设置:
using System;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Configuration;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Authorization;
namespace API
{
[ApiController]
[Authorize]
[Route("api/Test")]
public class TestController : ControllerBase
{
//...
[HttpGet("Select")]
public IActionResult Select()
{
try
{
return Ok(FirstService.Select());
}
catch (Exception ex)
{
return Conflict(ex);
}
}
//...
我想为控制器添加 Bearer Authentication,但它不是 运行 Action Filter 中的代码。
我尝试添加 Debug.WriteLine(...);
但它没有在输出中显示任何内容。
获取:
fetch('api/Test/Select', {
headers: {
'Content-type': 'application/json',
'Authorization': `Bearer ${sessionStorage.getItem("token")}`,
},
method: 'GET',
})
和 MVC 控制器:
using System;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Configuration;
using Microsoft.AspNetCore.Hosting;
namespace API
{
[BearerAuthentication] //<-- Action Filter
[Route("api/Test")]
public class TestController : ControllerBase
{
//...
[HttpGet("Select")]
public IActionResult Select()
{
try
{
return Ok(FirstService.Select());
}
catch (Exception ex)
{
return Conflict(ex);
}
}
//...
动作过滤器:
public class BearerAuthenticationAttribute : ActionFilterAttribute
{
public override void OnActionExecuting(HttpActionContext context)
{
Debug.WriteLine("Why are u not working?"); //<-- Debug Console shows nothing
HttpRequestMessage request = context.Request;
AuthenticationHeaderValue authorization = request.Headers.Authorization;
//...
}
}
您的 BearerAuthenticationAttribute
class 扩展了 ActionFilterAttribute
class 但没有实现 IActionFilter
接口的问题。您的 class 必须显式实现 IActionFilter
接口才能触发 OnActionExecuting
方法。
这是 a Microsoft Hands On Lab 的实施示例:
public class CustomActionFilter : ActionFilterAttribute, IActionFilter
{
void IActionFilter.OnActionExecuting(ActionExecutingContext filterContext)
{
// TODO: Add your action filter's tasks here
// Log Action Filter call
using (MusicStoreEntities storeDb = new MusicStoreEntities())
{
ActionLog log = new ActionLog()
{
Controller = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName,
Action = string.Concat(filterContext.ActionDescriptor.ActionName, " (Logged By: Custom Action Filter)"),
IP = filterContext.HttpContext.Request.UserHostAddress,
DateTime = filterContext.HttpContext.Timestamp
};
storeDb.ActionLogs.Add(log);
storeDb.SaveChanges();
OnActionExecuting(filterContext);
}
}
}
如果您的身份验证方法是不记名的,那么您只需执行 [Authorize]
并且不要忘记使用 [ApiController]
这样 .net 就知道它需要验证每个端点设置:
using System;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Configuration;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Authorization;
namespace API
{
[ApiController]
[Authorize]
[Route("api/Test")]
public class TestController : ControllerBase
{
//...
[HttpGet("Select")]
public IActionResult Select()
{
try
{
return Ok(FirstService.Select());
}
catch (Exception ex)
{
return Conflict(ex);
}
}
//...