[英]Add Requirements to Default [Authorize] policy
在 ASP.Net Core 中有可以添加到.AddAuthorization的自定义策略。
但是,我需要向默认策略添加一个要求,因为它将在每个请求中使用。 有没有一种方法可以做到这一点,而无需创建自定义策略并始终使用[Authorize("Policy")]指定它?
services.AddAuthorization(options =>
{
options.AddPolicy("Unexpired",
policy => policy.Requirements.Add(new <requirement>));
...
有没有办法让这个政策成为默认政策的一部分?
在 ASP.NET Core 5 中,它可能是您正在寻找的option的DefaultPolicy :
var unexpiredPolicy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser() // Remove if you don't need the user to be authenticated
.AddRequirements(new MyRequirement())
.Build();
services.AddSingleton<IAuthorizationHandler, MyRequirementHandler>();
services.AddAuthorization(options =>
{
// This line can be omitted if you don't need to be
// able to explicitly set the policy
options.AddPolicy("Unexpired", unexpiredPolicy);
// If no policy specified, use this
options.DefaultPolicy = unexpiredPolicy;
});
JWT Auth与Authorize Attribute一起使用,但不适用于[Authorize(Policy =“ Administrator”)]
[英]JWT Auth works with Authorize Attribute but not with [Authorize (Policy = “Administrator”)]
.net 核心 3.0 授权属性与 Policy、AuthenticationSchemes
[英].net core 3.0 authorize attribute with Policy, AuthenticationSchemes
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.