
如何在 ASP.NET Core MVC 中使用多个登录页面，并将未经授权的用户重定向到不同的登录页面

[英]How to use multiple login pages in ASP.NET Core MVC and redirect unauthorized users to different login pages

我的应用程序中有两个登录页面。

  • 一个是管理员登录页面
  • 另一个是公共登录页面。

两者分别由不同的数据库表管理。

我使用基于声明（Claims）的方式登录。

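// Admin sign-in: build a claims principal for the admin user and issue the
// authentication cookie. `isPersistent` and `httpContextAccessor` come from the
// enclosing method, which is not shown here.
var user = new AdminUserViewModel();

// Claims describing the admin user. The fourth constructor argument is the claim
// issuer; the value "Admin" is what the authorization filter on this page matches
// against when it looks for the "UserId" claim.
var claims = new List<Claim>();

if (!string.IsNullOrEmpty(user.UserName))
{
    claims.Add(new Claim(ClaimTypes.Name, user.UserName, ClaimValueTypes.String, "Admin"));
    claims.Add(new Claim("UserId", user.AdminUserId.ToString(), ClaimValueTypes.Integer64, "Admin"));

    // NOTE(review): the permission mapping is serialized into the cookie as issued.
    // Permission changes made afterwards are presumably not reflected until the user
    // signs in again, unless the principal is re-validated per request - confirm.
    claims.Add(new Claim("AdminUserPermissionMapping", JsonConvert.SerializeObject(user.AdminUserPermissions), ClaimValueTypes.String, "Admin"));
}

// create principal for the current authentication scheme
var userIdentity = new ClaimsIdentity(claims, "Authentication");
var userPrincipal = new ClaimsPrincipal(userIdentity);

// set value indicating whether session is persisted and the time at which the authentication was issued
var authenticationProperties = new AuthenticationProperties
{
    // A persistent cookie survives browser restarts; for an admin area a
    // session-only cookie is usually the safer default.
    IsPersistent = isPersistent,
    // UTC timestamp, matching the property name, instead of local wall-clock time.
    IssuedUtc = DateTimeOffset.UtcNow
};

// Sign in only when claims were actually issued. A non-empty authentication type
// makes the identity report IsAuthenticated == true even with no claims, so signing
// in unconditionally would hand out an authenticated cookie for a user record that
// has no username. The caller should treat the skipped case as a failed login.
if (claims.Count > 0)
{
    // await httpContextAccessor.HttpContext.SignInAsync(WebAuthenticationDefaults.AuthenticationScheme, userPrincipal, authenticationProperties);
    await httpContextAccessor.HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, userPrincipal, authenticationProperties);
}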

创建自定义 AuthorizeAttribute。

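/// <summary>
/// Controller-level authorization filter for an application with two login areas.
/// Unauthenticated requests are redirected to the admin or the public login action
/// depending on the request path; authenticated requests are checked for the claim
/// ("UserId" issued by "Admin", or "SubscriberId" issued by "Subscriber") that the
/// selected branch requires and are redirected to a home page when it is missing.
/// Actions marked with <c>AllowAnonymousAttribute</c> are skipped.
/// </summary>
[AttributeUsage(AttributeTargets.Class)]
public sealed class ILGAuthorizeAttribute : Attribute, IAuthorizationFilter
{
    private readonly ILGAuthorizeScheme _AuthenticationScheme;

    /// <summary>Creates the filter for the given scheme.</summary>
    /// <param name="AuthenticationScheme">Scheme the decorated controller belongs to.</param>
    public ILGAuthorizeAttribute(ILGAuthorizeScheme AuthenticationScheme)
    {
        _AuthenticationScheme = AuthenticationScheme;
    }

    /// <summary>
    /// Sets <c>filterContext.Result</c> to a redirect when the current user may not
    /// access the requested area; leaves it untouched when access is allowed.
    /// </summary>
    /// <param name="filterContext">Authorization context of the current request.</param>
    /// <exception cref="ArgumentNullException"><paramref name="filterContext"/> is null.</exception>
    public void OnAuthorization(AuthorizationFilterContext filterContext)
    {
        // Validate before the first dereference; the original null check came after
        // filterContext.ActionDescriptor had already been read.
        if (filterContext == null)
        {
            throw new ArgumentNullException(nameof(filterContext));
        }

        // Per-action opt-out: only attributes on the action method are inspected.
        var controllerActionDescriptor = filterContext.ActionDescriptor as ControllerActionDescriptor;
        if (controllerActionDescriptor != null)
        {
            var actionAttributes = controllerActionDescriptor.MethodInfo.GetCustomAttributes(inherit: true);
            if (actionAttributes.Any(x => x is AllowAnonymousAttribute))
            {
                return;
            }
        }

        var httpContext = filterContext.HttpContext;
        string url = httpContext.Request.Path;

        // Ordinal, case-insensitive comparisons: ToLower() follows the current culture,
        // so e.g. under a Turkish culture "/ADMIN" would not lower-case to "/admin" and
        // an admin request would be routed through the public branch.
        // NOTE(review): this is a plain prefix test, so "/administrator" also counts as
        // an admin path; Request.Path.StartsWithSegments would match whole segments only.
        bool isAdminPath = url.StartsWith("/admin", StringComparison.OrdinalIgnoreCase);
        bool isAdminScheme = string.Equals(_AuthenticationScheme.ToString(), "admin", StringComparison.OrdinalIgnoreCase);

        // Identity may be null on a principal without identities; treat that as anonymous.
        bool isAuthenticated = httpContext.User?.Identity?.IsAuthenticated == true;

        if (!isAuthenticated)
        {
            // Anonymous: pick the login page from the path alone.
            filterContext.Result = isAdminPath
                ? new RedirectToRouteResult(new RouteValueDictionary(new { area = "Admin", controller = "Account", action = "Login" }))
                : new RedirectToRouteResult(new RouteValueDictionary(new { area = "", controller = "Account", action = "CreateUsernamePassword" }));
            return;
        }

        // NOTE(review): the admin claim is required only when BOTH the path starts with
        // "/admin" and the attribute was created with the admin scheme. Every other
        // combination (e.g. admin scheme on a controller routed outside "/admin") falls
        // through to the subscriber check. Confirm this is intended; deriving the
        // required claim from the declared scheme alone would not depend on routing.
        if (isAdminPath && isAdminScheme)
        {
            // Issuer is compared ordinally: culture-aware comparison ignores certain
            // characters, which is not appropriate for an identifier.
            bool hasAdminClaim = httpContext.User.Claims.Any(claim =>
                claim.Type == "UserId" && claim.Issuer.Equals("Admin", StringComparison.OrdinalIgnoreCase));
            if (!hasAdminClaim)
            {
                filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary(new { area = "", controller = "Home", action = "Index" }));
            }
        }
        else
        {
            bool hasSubscriberClaim = httpContext.User.Claims.Any(claim =>
                claim.Type == "SubscriberId" && claim.Issuer.Equals("Subscriber", StringComparison.OrdinalIgnoreCase));
            if (!hasSubscriberClaim)
            {
                filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary(new { area = "Admin", controller = "Home", action = "Index" }));
            }
        }
    }
}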
