关于c#:ASP.NET IAuthorizationFilter OnAuthorization

ASP.NET IAuthorizationFilter OnAuthorization

嗨,我正在尝试实现自定义授权过滤器

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
 //The Authourization attribute on a controller
public class CustomAdminAuthorizationFilter : IAuthorizationFilter
{
    private readonly IAuthentication _authentication;

    public SageAdminAuthorizationFilter(IAuthentication authentication)
    {
        _authentication = authentication;
    }

    public void OnAuthorization(AuthorizationContext filterContext)
    {
       bool result = _authentication.Authorize(filterContext.HttpContext);
    }
}

如您在OnAuthorization上看到的,我得到的结果为true,为false。
我需要设定什么才能返回原籍?

编辑:

似乎仍然让我直接进入登录页面

我确实注入了IAuthetication

1
2
 this.BindFilter<CustomAdminAuthorizationFilter>(FilterScope.Controller, 0);
   Bind<IAuthentication>().To<CustomAuthenticationService>();

然后,我在控制器中装饰了我的动作。

1
2
3
4
5
6
7
8
[Authorize]
    public ActionResult Index()
    {
        ViewBag.Title ="Welcome";
        ViewBag.Message ="Welcome to ASP.NET MVC!";

        return View();
    }

在我的web.config我使用

1
2
  <forms loginUrl="~/Account/LogOn" timeout="2880" />
</authentication>

应该改变吗?

任何帮助将不胜感激。


将其更改为Attribute,而不是简单的IAuthorizationFilter

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method)]
public class SageAdminAuthorizeAttribute : AuthorizeAttribute, IAuthorizationFilter
{
    readonly IAuthentication _authentication;

    public SageAdminAuthorizeAttribute(IAuthentication authentication)
    {
        _authentication = authentication;
    }

    public override void OnAuthorization(AuthorizationContext filterContext)
    {
        if (!_authentication.Authorize(filterContext.HttpContext))
            filterContext.Result = new HttpUnauthorizedResult();
    }
}

现在,不使用[Authorize],而是使用新的[SageAdminAuthorize]属性

1
2
3
4
5
6
7
8
[SageAdminAuthorize]
public ActionResult Index()
{
    ViewBag.Title ="Welcome";
    ViewBag.Message ="Welcome to ASP.NET MVC!";

    return View();
}