[英]Pass connection string to custom AuthorizeAttribute in asp.net core
我正在將AuthorizationFilterAttribute從 asp.net web api 遷移到 asp.net core web api。
KeywordAuthorizationAttribute下面是我的 asp.net 核心屬性代碼。
public class KeywordAuthorizationAttribute : AuthorizeAttribute, IAuthorizationFilter
{
public void OnAuthorization(AuthorizationFilterContext context)
{
var user = context.HttpContext.User;
if (user.Identity.IsAuthenticated)
{
SQLDataAccess sqlDataAccess = new SQLDataAccess(**passedConnectionStringFrom_appsettings.json**);
var username = context.HttpContext.User.Identity.Name.Substring
(context.HttpContext.User.Identity.Name.LastIndexOf(@"\") + 1);
if (!sqlDataAccess.IsUserAllowed((string)context.RouteData.Values["Controller"], username))
{
context.Result = new StatusCodeResult((int)System.Net.HttpStatusCode.Forbidden);
return;
}
}
else
{
context.Result = new StatusCodeResult((int)System.Net.HttpStatusCode.Unauthorized);
return;
}
}
}
KeywordAuthorizationAttribute示例 - 如果控制器或控制器操作使用此 AuthorizeAttribute 進行修飾,它將獲取用戶名並從數據庫中檢查該控制器的訪問權限。
[Authorize]
[HttpGet]
[KeywordAuthorization]
public IActionResult Get()
{
return Ok();
}
我的問題是如何將連接字符串傳遞給KeywordAuthorizationAttribute ? 我已經在 appsettings.json 中設置了連接字符串
{
"ConnectionStrings": {
"EmployeeDBConnection": "server=(localdb)\\MSSQLLocalDB;database=EmployeeDB;Trusted_Connection=true"
}
}
使用AuthorizationFilterContext.HttpContext.RequestServices.GetService從傳遞到您的OnAuthorization方法的上下文參數的方法:
public void OnAuthorization(AuthorizationFilterContext context)
{
...
if (user.Identity.IsAuthenticated)
{
var connectionString = context.HttpContext.RequestServices
.GetService(typeof(IConfiguration))
.GetConnectionString("EmployeeDBConnection");
// GetConnectionString is an extension method, so add
// using Microsoft.Extensions.Configuration
...
}
}
使用這種技術,您也可以簡單地使用您的DbContext 。
您將需要像 Startup.cs 一樣使用 Configuration 擴展,您可以通過以下方式獲取連接字符串:
Configuration.GetConnectionString("EmployeeDBConnection");
AuthorizeAttribute 在 ASP.net 核心中返回自定義值(無覆蓋)
[英]AuthorizeAttribute return Custom Value in ASP.net Core (Without Override)
如何在 ASP.NET Core 中創建自定義 AuthorizeAttribute?
[英]How do you create a custom AuthorizeAttribute in ASP.NET Core?
Asp.Net Core:訪問AuthorizeHandler中的自定義AuthorizeAttribute屬性
[英]Asp.Net Core: Access custom AuthorizeAttribute property in AuthorizeHandler
ASP.NET 內核 Web API 自定義 AuthorizeAttribute 問題
[英]ASP.NET Core Web API custom AuthorizeAttribute issue
如何在ASP.NET Core中創建自定義策略AuthorizeAttribute?
[英]How do you create a custom Policy AuthorizeAttribute in ASP.NET Core?
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.