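Is it possible to allow unauthorized users to access a controller if the "Allowed" field in appsettings.json is true?
As the title says, I'm trying to make the controller distinguish between two states.
But I don't quite understand how to use a policy to achieve it. Can I somehow pass a boolean value to the Authorize attribute?
Controller
    [Authorize(Policy = "Unauthenticated")] // to pass here some additional argument
    public string GetController();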
Solution
In the policy-based authorization handler method, you can use the Configuration provider to get the Allowed value, and then, based on that value, either perform the policy authorization or ignore it.
For example, based on this article, I created MinimumAgeHandler:
    using System.Security.Claims;
    using System.Threading.Tasks;
    using Microsoft.AspNetCore.Authorization;
    using Microsoft.AspNetCore.Identity;
    using Microsoft.Extensions.Configuration;

    public class MinimumAgeHandler : AuthorizationHandler<MinimumAgeRequirement>
    {
        private readonly UserManager<ApplicationUser> _userManager; // used to get the current user information.
        private readonly IConfiguration _configuration;

        public MinimumAgeHandler(UserManager<ApplicationUser> manager, IConfiguration configuration)
        {
            _userManager = manager;
            _configuration = configuration;
        }

        protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, MinimumAgeRequirement requirement)
        {
            // No principal, or no name claim: leave the requirement unmet.
            if (context.User == null || !context.User.HasClaim(c => c.Type == ClaimTypes.Name))
            {
                return;
            }

            // Get the Allowed value from appsettings.json.
            // The JSON configuration provider stores the boolean true as the string "True".
            var isAllowed = _configuration["Allowed"];

            if (isAllowed != "True")
            {
                // Policy authorization handler: await the lookup instead of blocking on .Result.
                var user = await _userManager.GetUserAsync(context.User);
                if (user != null && user.Age >= requirement.MinimumAge)
                {
                    context.Succeed(requirement);
                }
            }
            else
            {
                // Ignore the policy authorization handler.
                context.Succeed(requirement);
            }
        }
    }
and MinimumAgeRequirement:
    public class MinimumAgeRequirement : IAuthorizationRequirement
    {
        public int MinimumAge { get; }

        public MinimumAgeRequirement(int minimumAge)
        {
            MinimumAge = minimumAge;
        }
    }
Then, register the authorization:
    services.AddAuthorization(options =>
    {
        options.AddPolicy("AtLeast21", policy =>
            policy.Requirements.Add(new MinimumAgeRequirement(21)));
    });
    services.AddScoped<IAuthorizationHandler, MinimumAgeHandler>();
Add the following to the appsettings.json file:
    "Allowed": true,
Finally, add the Authorize attribute to the action method:
    [Authorize(Policy = "AtLeast21")]
    public IActionResult Index()
    {
        return View();
    }
With the sample code above, after the user logs in, if Allowed is true, it will ignore the MinimumAge validation.
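The handler above returns without succeeding when the principal has no name claim, so it covers signed-in users only. As an added example (not code from the question or the answer), here is a handler for the question's "Unauthenticated" policy that lets anonymous requests through only while the flag is true; `AllowedFlagRequirement`, `AllowedFlagHandler` and `AddAllowedFlagPolicy` are hypothetical names.

```csharp
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;

// Hypothetical marker requirement for the question's "Unauthenticated" policy.
public class AllowedFlagRequirement : IAuthorizationRequirement { }

public class AllowedFlagHandler : AuthorizationHandler<AllowedFlagRequirement>
{
    private readonly IConfiguration _configuration;

    public AllowedFlagHandler(IConfiguration configuration)
    {
        _configuration = configuration;
    }

    protected override Task HandleRequirementAsync(
        AuthorizationHandlerContext context, AllowedFlagRequirement requirement)
    {
        // Fail closed: a missing or malformed "Allowed" value counts as false.
        bool allowed = bool.TryParse(_configuration["Allowed"], out var parsed) && parsed;

        // IsAuthenticated is false for the anonymous principal.
        bool signedIn = context.User?.Identity?.IsAuthenticated == true;

        if (allowed || signedIn)
        {
            context.Succeed(requirement);
        }
        // Otherwise the requirement stays unmet and the request is challenged.
        return Task.CompletedTask;
    }
}

public static class AllowedFlagPolicy
{
    // Call from ConfigureServices: services.AddAllowedFlagPolicy();
    public static IServiceCollection AddAllowedFlagPolicy(this IServiceCollection services)
    {
        services.AddAuthorization(options =>
            options.AddPolicy("Unauthenticated", policy =>
                policy.Requirements.Add(new AllowedFlagRequirement())));
        services.AddSingleton<IAuthorizationHandler, AllowedFlagHandler>();
        return services;
    }
}
```

The default host loads appsettings.json with reload-on-change, so flipping `Allowed` takes effect without a restart; write access to that file is therefore equivalent to control over authentication for every action that uses this policy.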