[英]How to get Post parameters on IsAuthorized of AuthorizeAttribute ASP.NET Web.API MVC 5
I need to get values of my Post Parameters at the time of Authorization. 我需要在授权时获取我的帖子参数的值。 Searchers on web but no solution is working.
网络上的搜索者但没有解决方案正在运作。
ActionArguments
count always showing 0 and not able to find values in ActionDescriptor.GetParameters()
ActionArguments
计数始终显示0并且无法在ActionDescriptor.GetParameters()
查找值
Here is my code: 这是我的代码:
POST model - POST模型 -
public class XyzModel
{
public int Prop1 { get; set; }
public string Prop2 { get; set; }
}
Custom Authorize Attribute - 自定义授权属性 -
public class CustomAuthorizeAttribute : AuthorizeAttribute
{
protected override bool IsAuthorized(HttpActionContext actionContext)
{
bool conditions = // here I need to check value of my model (XyzModel) properties
if(conditions)
{
return true;
}
return false;
}
}
Code in controller - 控制器中的代码 -
[HttpPost]
[CustomAuthorizeAttribute]
public IHttpActionResult MyAction(XyzModel model)
{
// my work here
}
Any suggestion? 有什么建议吗?
You can access model property of ActionArguments it will return XyzModel object. 您可以访问ActionArguments的模型属性,它将返回XyzModel对象。 than you can perform any operation on its properties:
您可以对其属性执行任何操作:
XyzModel model = (XyzModel)actionContext.ActionArguments["model"];
In your code it will be like this: 在你的代码中它将是这样的:
public class CustomAuthorizeAttribute : AuthorizeAttribute
{
protected override bool IsAuthorized(HttpActionContext actionContext)
{
var prop1 = HttpContext.Current.Request.Params["Prop1"];
var prop2 = HttpContext.Current.Request.Params["Prop2"];
bool conditions = // add conditions based on above properties
if(conditions)
{
return true;
}
return false;
}
}
I believe, you will not get post parameter value in AuthorizeAttribute
as AuthorizeAttribute
methods are called before action's parameter binding. 我相信,你不会在
AuthorizeAttribute
获得post参数值,因为在action的参数绑定之前调用AuthorizeAttribute
方法。
For your scenario, you can use ActionFilterAttribute
which executes only after action's parameter binding. 对于您的方案,您可以使用仅在操作的参数绑定后执行的
ActionFilterAttribute
。 You can create your custom filter attribute by using ActionFilterAttribute
您可以使用
ActionFilterAttribute
创建自定义过滤器属性
using System.Web.Http.Controllers;
using System.Web.Http.Filters;
public class CheckMyPostDataFilter : ActionFilterAttribute
{
public override void OnActionExecuting(HttpActionContext actionContext)
{
XyzModel model = (XyzModel )actionContext.ActionArguments["model"]; // you will get data here
base.OnActionExecuting(actionContext);
}
}
You can simply decorate above CheckMyPostDataFilter
filter in your action : 您可以在操作中简单地在
CheckMyPostDataFilter
过滤器上方CheckMyPostDataFilter
装饰:
[HttpPost]
[CheckMyPostData]
public IHttpActionResult MyAction(XyzModel model)
{
// my work here
}
You can use Request Body Input Stream to read the entire Body content as below 您可以使用Request Body Input Stream来读取整个Body内容,如下所示
public sealed class CustomAuthorizeAttribute : AuthorizeAttribute
{
protected override bool IsAuthorized(HttpActionContext actionContext)
{
var req = HttpContext.Current.Request.InputStream;
string body = new StreamReader(req).ReadToEnd();
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.