![](/img/trans.png)
[英]AuthorizeAttribute return Custom Value in ASP.net Core (Without Override)
[英]Pass connection string to custom AuthorizeAttribute in asp.net core
我正在將AuthorizationFilterAttribute
從 asp.net web api 遷移到 asp.net core web api。
KeywordAuthorizationAttribute
下面是我的 asp.net 核心屬性代碼。
public class KeywordAuthorizationAttribute : AuthorizeAttribute, IAuthorizationFilter
{
public void OnAuthorization(AuthorizationFilterContext context)
{
var user = context.HttpContext.User;
if (user.Identity.IsAuthenticated)
{
SQLDataAccess sqlDataAccess = new SQLDataAccess(**passedConnectionStringFrom_appsettings.json**);
var username = context.HttpContext.User.Identity.Name.Substring
(context.HttpContext.User.Identity.Name.LastIndexOf(@"\") + 1);
if (!sqlDataAccess.IsUserAllowed((string)context.RouteData.Values["Controller"], username))
{
context.Result = new StatusCodeResult((int)System.Net.HttpStatusCode.Forbidden);
return;
}
}
else
{
context.Result = new StatusCodeResult((int)System.Net.HttpStatusCode.Unauthorized);
return;
}
}
}
KeywordAuthorizationAttribute
示例 - 如果控制器或控制器操作使用此 AuthorizeAttribute 進行修飾,它將獲取用戶名並從數據庫中檢查該控制器的訪問權限。
[Authorize]
[HttpGet]
[KeywordAuthorization]
public IActionResult Get()
{
return Ok();
}
我的問題是如何將連接字符串傳遞給KeywordAuthorizationAttribute
? 我已經在 appsettings.json 中設置了連接字符串
{
"ConnectionStrings": {
"EmployeeDBConnection": "server=(localdb)\\MSSQLLocalDB;database=EmployeeDB;Trusted_Connection=true"
}
}
使用AuthorizationFilterContext.HttpContext.RequestServices.GetService
從傳遞到您的OnAuthorization方法的上下文參數的方法:
public void OnAuthorization(AuthorizationFilterContext context)
{
...
if (user.Identity.IsAuthenticated)
{
var connectionString = context.HttpContext.RequestServices
.GetService(typeof(IConfiguration))
.GetConnectionString("EmployeeDBConnection");
// GetConnectionString is an extension method, so add
// using Microsoft.Extensions.Configuration
...
}
}
使用這種技術,您也可以簡單地使用您的DbContext
。
您將需要像 Startup.cs 一樣使用 Configuration 擴展,您可以通過以下方式獲取連接字符串:
Configuration.GetConnectionString("EmployeeDBConnection");
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.