0
我正在将我的项目迁移到asp.net核心,并且我一直在迁移我的控制器的CustomAuthorization属性。这是我的代码。如何重写ASP.NET Core中的HandleUnauthorizedRequest
public class CustomAuthorization : AuthorizeAttribute
{
public string Url { get; set; }
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
if (!filterContext.HttpContext.User.Identity.IsAuthenticated)
{
filterContext.Result = new RedirectResult(Url + "?returnUrl=" + filterContext.HttpContext.Request.Url.PathAndQuery);
}
else if (!Roles.Split(',').Any(filterContext.HttpContext.User.IsInRole))
{
filterContext.Result = new ViewResult
{
ViewName = "AcessDenied"
};
}
else
{
base.HandleUnauthorizedRequest(filterContext);
}
}
}
然后我用它来我控制器
[CustomAuthorization(Url = "/Admin/Account/Login", Roles = "Admin")]
public abstract class AdminController : Controller { }
所以,基本上我可以使用它时,不符合角色重定向到不同的登录页面。我有几个区域,每个人都有不同的登录页面。我尝试使用CookieAuthenticationOptions这样
services.Configure<CookieAuthenticationOptions>(options =>
{
options.AuthenticationScheme = "Admin";
options.LoginPath = "/Admin/Account/Login";
});
然后我的管理控制器上
[Area("Admin")]
[Authorize(ActiveAuthenticationSchemes = "Admin", Roles = "Admin")]
但之后,我登录,它仍然无法进入。
您是否尝试过通过这个代码加强?它会被执行吗?它在哪里失败? – Darkonekt
看看http://stackoverflow.com/questions/31464359/custom-authorizeattribute-in-asp-net-5-mvc-6 –