[英]DI in custom AuthorizationFilterAttribute with Ninject
I read a lot of articles (including SO) regarding this subject, but still cannot find proper solution for dependency injection with Ninject in AuthorizationFilterAttribute. 我阅读了很多有关该主题的文章(包括SO),但是仍然找不到在AuthorizationFilterAttribute中使用Ninject进行依赖项注入的正确解决方案。 Current code is working but I'm pretty sure there should be much better solution. 当前代码正在运行,但是我敢肯定应该有更好的解决方案。
public override void OnAuthorization(HttpActionContext actionContext)
{
var ts = GlobalConfiguration.Configuration.DependencyResolver.GetService(typeof(TokenService));
try
{
var token = GetHeader(actionContext.Request);
if (token == null)
{
actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized)
{
Content = new StringContent("Token not found")
};
return;
}
else
{
var tks = ts as TokenService;
var tkn = Task.Run(() => tks.FindToken(token)).Result;
if (tkn.ValidTill > DateTime.Now)
{
var us = GlobalConfiguration.Configuration.DependencyResolver.GetService(typeof(UserService));
var uss = us as UserService;
var user = Task.Run(() => uss.FindByTokenValue(token)).Result;
if (user != null)
{
if (!_roles.Contains(user.RoleName))
{
actionContext.Response = new HttpResponseMessage(HttpStatusCode.Forbidden)
{
Content = new StringContent("You role permission is not enough")
};
return;
}
var identity = new Identity { Name = user.Login, IsAuthenticated = true };
var principal = new GenericPrincipal(identity, new[] { user.RoleName });
actionContext.RequestContext.Principal = principal;
Thread.CurrentPrincipal = principal;
base.OnAuthorization(actionContext);
_roles = null;
}
else
{
actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized)
{
Content = new StringContent("User not found")
};
return;
}
}
else
{
actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized)
{
Content = new StringContent($"Token valid till {tkn.ValidTill}")
};
return;
}
}
}
catch (Exception ex)
{
actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized)
{
Content = new StringContent($"Authorization error: {ex.Message}")
};
return;
}
}
You want something like: 您想要类似的东西:
Ninject.Web.WebApi.FilterBindingSyntax.BindingRootExtensions
.BindHttpFilter<SomeAuthorisationFilter>(kernel,
Http.Filters.FilterScope.Global)
in NinjectWebCommon.RegisterServices(IKernel). 在NinjectWebCommon.RegisterServices(IKernel)中。
There's some good documentation for filters at https://github.com/ninject/Ninject.Web.WebApi/wiki/Dependency-injection-for-filters . 在https://github.com/ninject/Ninject.Web.WebApi/wiki/Dependency-injection-for-filters上有一些关于过滤器的很好的文档。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.