宋彩莲,三星r518,毛岸英的资料
目前一直在用policy做权限校验,但是好像组里需要将返回结果统一,之前用的都是直接继承authorizationhandler然后调用context.fail(),但是这样会导致没办法自定义返回结果比如{code:403,msg:'未授权',data:null},
也百度了下 这里也说了3.0后就改掉了之前可以通过result来返回,但是现在不行了,之后又查了下资料无果,今天心血来潮直接用httpcontext来返回结果可以了。。。。。
直接上代码吧
public class apiurlpermissionhandler : authorizationhandler<apiurlpermissionrequirement>
{
private readonly ihttpcontextaccessor _accessor;
private readonly ilogger<apiurlpermissionhandler> _logger;
private readonly ipermissionwatchdog _permissionwatchdog;
public apiurlpermissionhandler(ihttpcontextaccessor accessor,ilogger<apiurlpermissionhandler> logger, ipermissionwatchdog permissionwatchdog)
{
this._accessor = accessor;
this._logger = logger;
this._permissionwatchdog = permissionwatchdog;
}
protected override async task handlerequirementasync(authorizationhandlercontext context, apiurlpermissionrequirement requirement)
{
var httpcontext = _accessor.httpcontext;
var isauthenticated = context.user.identity.isauthenticated;
if (isauthenticated)
{
var uid = httpcontext.user.claims.firstordefault(s => s.type == "uid")?.value;
if (uid.isnullorwhitespace())
{
context.fail();
return;
}
//判断是否有权限
var questurl = httpcontext.request.path.value.tolower();
if (!await _permissionwatchdog.passapipermasync(uid, questurl))
{
context.fail();
return;
}
context.succeed(requirement);
}
else
{
httpcontext.response.contenttype = "application/json; charset=utf-8";
await httpcontext.response.writeasync(jsonconvert.serializeobject(new { a="123",b="435"}));
await httpcontext.response.body.flushasync();
//context.fail();
}
}
}
有不对或者更好的方法希望园友提供指出谢谢
如对本文有疑问,请在下面进行留言讨论,广大热心网友会与你互动!! 点击进行留言回复
Blazor server side 自家的一些开源的, 实用型项目的进度之 CEF客户端
.NET IoC模式依赖反转(DIP)、控制反转(Ioc)、依赖注入(DI)
vue+.netcore可支持业务代码扩展的开发框架 VOL.Vue 2.0版本发布
网友评论