[转]How to override HandleUnauthorizedRequest in ASP.NET Core
2017-01-07 14:08
776 查看
本文转自:http://quabr.com/40446028/how-to-override-handleunauthorizedrequest-in-asp-net-core
I'm migrating my project to asp.net core and I'm stuck in migrating my CustomAuthorization attribute for my controllers. Here is my code.
then i used it to my controllers
so, basically i can use it to redirect to different login page when roles is not met. I have few areas and each of them have different login page. I tried using the CookieAuthenticationOptions like this
then on my admin controller
but after i login, it still cant get in.
I am doing something similar in one of my projects. This answer is NOT using AuthorizeAttribute; but it might help some one landing here from a google search. In my case I am using it to authorize based on custom logic.
First my custom attribute class:
I decorate my controllers like this:
Then in my Startup class
I'm migrating my project to asp.net core and I'm stuck in migrating my CustomAuthorization attribute for my controllers. Here is my code.
public class CustomAuthorization : AuthorizeAttribute { public string Url { get; set; } protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext) { if (!filterContext.HttpContext.User.Identity.IsAuthenticated) { filterContext.Result = new RedirectResult(Url + "?returnUrl=" + filterContext.HttpContext.Request.Url.PathAndQuery); } else if (!Roles.Split(',').Any(filterContext.HttpContext.User.IsInRole)) { filterContext.Result = new ViewResult { ViewName = "AcessDenied" }; } else { base.HandleUnauthorizedRequest(filterContext); } } }
then i used it to my controllers
[CustomAuthorization(Url = "/Admin/Account/Login", Roles = "Admin")] public abstract class AdminController : Controller { }
so, basically i can use it to redirect to different login page when roles is not met. I have few areas and each of them have different login page. I tried using the CookieAuthenticationOptions like this
services.Configure<CookieAuthenticationOptions>(options => { options.AuthenticationScheme = "Admin"; options.LoginPath = "/Admin/Account/Login"; });
then on my admin controller
[Area("Admin")] [Authorize(ActiveAuthenticationSchemes = "Admin", Roles = "Admin")]
but after i login, it still cant get in.
1 answer
answered 2016-11-06 13:17 DarkonektI am doing something similar in one of my projects. This answer is NOT using AuthorizeAttribute; but it might help some one landing here from a google search. In my case I am using it to authorize based on custom logic.
First my custom attribute class:
public class CustomAuthorizationAttribute : ActionFilterAttribute { private readonly IMyDepedency _dp; public CustomAuthorizationAttribute(IMyDepedency dp) { _dp = dp; } public override void OnActionExecuting(ActionExecutingContext context) { var isValid = false; //write my validation and authorization logic here if(!isValid) { var unauthResult = new UnauthorizedResult(); context.Result = unauthResult; } base.OnActionExecuting(context); } }
I decorate my controllers like this:
[ServiceFilter(typeof (CustomAuthorizationAttribute))]
Then in my Startup class
public void ConfigureServices(IServiceCollection services) { // Add framework services. services.AddMvc(); // my other stuff that is not relevant in this post // Security services.AddTransient<CustomAuthorizationAttribute>(); }
相关文章推荐
- How to get raw request body in ASP.NET?
- [转]How to use an Area in ASP.NET Core
- How to use FtpWebRequest in asp.net
- How to use Bundle&Minifier and bundleconfig.json in ASP.NET Core
- csharp:Learn how to post JSON string to generic Handler using jQuery in ASP.Net C
- How to convert XML to JSON in ASP.NET C#
- How to bootstrap two angular apps in one asp.net mvc application
- How to prevent multiple clicks of a submit button in ASP.NET
- how to prevent multiple login for same user in asp.net
- [转]An introduction to OAuth 2.0 using Facebook in ASP.NET Core
- csharp:Learn how to post JSON string to generic Handler using jQuery in ASP.Net
- How to add controls dynamically in asp.net
- How to use Console.WriteLine in ASP.Net (C#) during debug?
- How to Hash and Salt Passwords in ASP.NET
- [转][ASP.NET]How to easily insert row in GridView with SqlDataSource?
- How to Make Dynamic Hyperlinks Using C# in ASP.NET
- 海洋工作室——网站建设专家:ASP.NET: How to Convert Your Site To A MasterPage Site in 3 Steps
- How to set the DefaultButton in a Page Based on ASP.NET Master Page
- How to manage a Thread IN ASP.NET
- How To Implement Forms-Based Authentication in Your ASP.NET Application by Using C# .NET