[英]custom authorize attribute or policy based authorization handler
I should check the custom header is present eg:["apikey"] and then check in the database thatgiven key is present.我应该检查自定义 header 是否存在,例如:[“apikey”],然后检查数据库中是否存在给定密钥。 if not present return unauthorized.
如果不存在,则未经授权返回。 should i use authorization attribute or policy based authorization handler?
我应该使用授权属性还是基于策略的授权处理程序?
Rather than authorization handler, I find custom authentication handler is a better approach for this scenario and implemented the same.而不是授权处理程序,我发现自定义身份验证处理程序是这种场景的更好方法,并且实现了相同的方法。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.