如何在。net Core中使用IAuthenticationFilter进行身份验证?
public class CustomAuthenticationFilter : ActionFilterAttribute, IAuthenticationFilter
{
void IAuthenticationFilter.OnAuthentication(AuthenticationContext filterContext)
{
if (string.IsNullOrEmpty(Convert.ToString(filterContext.HttpContext.Session["Username"])))
{
filterContext.Result = new HttpUnauthorizedResult();
}
}
void IAuthenticationFilter.OnAuthenticationChallenge(AuthenticationChallengeContext filterContext)
{
if (filterContext.Result == null || filterContext.Result is HttpUnauthorizedResult)
{
filterContext.Result = new RedirectToRouteResult(
new RouteValueDictionary {
{ "controller", "Account" },
{ "action", "Login" } });
}
}
}
我是一个新手与。net核心和过滤器。在允许用户访问控制器中的操作之前,我试图使用过滤器对用户进行身份验证。在。net Core中使用它会给出一个错误
"错误CS7069引用类型'HttpContextBase'声明它是在'System '中定义的。网页,但无法找到"
搜索这个错误后,我发现这只在。net框架中可用。如何在。net Core中使用过滤器进行身份验证?
Asp.net core不包含IAuthenticationFilter,如果您想对用户进行身份验证,我建议您可以尝试参考这篇文章。
如果你想在进入控制器之前检查用户的声明,比如角色,你可以考虑使用IAuthorizationFilter。
更多细节,可以参考下面的代码:
public class CustomAuthorizationFilterAttribute : Attribute, IAuthorizationFilter
{
public void OnAuthorization(AuthorizationFilterContext context)
{
string currentUserRole = Convert.ToString(context.HttpContext.Session.GetString("UserRole"));
if (!string.IsNullOrEmpty(currentUserRole))
{
if (currentUserRole != "Admin")
{
context.Result = new RedirectToRouteResult
(
new RouteValueDictionary(new
{
action = "Error",
controller = "Error"
}));
}
else
{
context.Result = new RedirectToRouteResult
(
new RouteValueDictionary(new
{
action = "Error",
controller = "Error"
}));
}
}
else
{
context.Result = new RedirectToRouteResult
(
new RouteValueDictionary(new
{
action = "Error",
controller = "Error"
}));
}
}
}