ASP.NET custom authentication/Authorization

I need to authorize my user through an external service; no Identity, no OWIN, no Katana is required. Only based on a Boolean value, true or false, which is sent by the API. How can I override the [Authorize] attribute to suit my needs?

public class LoginController : Controller
{
    public ActionResult LoginThroughExternalApp(authModel model)
    {
        bool isUserExist = externalApp.isUserExist(model.userName, model.Password);

        if (isUserExist)
        {
            return RedirectToAction("DefaultActionName", "DefaultController");
        }

        return RedirectToAction("Redirect to error login page.");
    }
}

[Authorize]
public class DefaultController : Controller
{
    public ActionResult DefaultAction()
    {
        //Do some stuff
        return View();
    }
}

You can define a CustomActionAttribute to add to any method with specific parameter(s). Then you can do custom operation to let user.

using System;
using System.Web.Mvc;

[AttributeUsage(AttributeTargets.Method, Inherited = true, AllowMultiple = false)]
public class CustomActionAttribute : FilterAttribute, IActionFilter, IResultFilter
{
    // Name of the action parameter that carries the authModel.
    public string ParamName { get; set; }

    public void OnActionExecuted(ActionExecutedContext filterContext)
    {
        // Nothing to do after the action; throwing here would fail every request.
    }

    public void OnActionExecuting(ActionExecutingContext filterContext)
    {
        if (filterContext.ActionParameters.ContainsKey(ParamName))
        {
            try
            {
                var model = filterContext.ActionParameters[ParamName] as authModel;
                bool isUserExist = externalApp.isUserExist(model.userName, model.Password);
                if (isUserExist)
                    // this code lets you go on without checking authorization.
                    return;
            }
            catch
            {
                // Any failure (null model, external service error) falls
                // through to the unauthorized view below.
            }
        }

        filterContext.Result = new ViewResult
        {
            ViewName = "~/Views/Shared/UnAuthorizeAction.cshtml",
        };
    }

    public void OnResultExecuted(ResultExecutedContext filterContext)
    {
        // Nothing to do after the result.
    }

    public void OnResultExecuting(ResultExecutingContext filterContext)
    {
        // Nothing to do before the result.
    }
}

And here is its usage:

[CustomActionAttribute(ParamName = "model")]
public ActionResult DefaultAction(authModel model)
{
    //...
}
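
The question asks how to override [Authorize] itself. One way to do that, shown here as an added example that is not part of the original question or answer: subclass AuthorizeAttribute and let it check a session flag that the login action sets only when the external service returns true. `authModel` and `externalApp.isUserExist` are the question's own names; the session key and the `Login`/`Index` route names are assumptions.

```csharp
using System.Web;
using System.Web.Mvc;
using System.Web.Routing;

public class ExternalAuthorizeAttribute : AuthorizeAttribute
{
    // Hypothetical session key, not taken from the page.
    public const string SessionKey = "ExternalAuthOk";

    // Called by MVC before the action runs. Fail closed: anything other
    // than an explicit boolean true in the session denies the request.
    protected override bool AuthorizeCore(HttpContextBase httpContext)
    {
        if (httpContext == null || httpContext.Session == null)
            return false;
        return Equals(httpContext.Session[SessionKey], true);
    }

    // Called when AuthorizeCore returns false.
    protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
    {
        // Assumed login route; replace with the application's own.
        filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary
        {
            { "controller", "Login" }, { "action", "Index" }
        });
    }
}

public class LoginController : Controller
{
    [HttpPost]
    public ActionResult LoginThroughExternalApp(authModel model)
    {
        // The external check runs once, at login, not on every request.
        if (model != null && externalApp.isUserExist(model.userName, model.Password))
        {
            Session[ExternalAuthorizeAttribute.SessionKey] = true;
            return RedirectToAction("DefaultAction", "Default");
        }
        return RedirectToAction("Index"); // assumed login/error page
    }
}

[ExternalAuthorize]
public class DefaultController : Controller
{
    public ActionResult DefaultAction() { return View(); }
}
```

With this approach the password is sent only to the login action, and protected actions never receive credentials as parameters.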
