我想创建一个
的自定义AuthorizeAttribute
不知道该怎么做。我的意思是,如何访问属性中的用户信息以进行检查?
答案 0 :(得分:5)
public class MyAuthorizeAttribute : FilterAttribute, IAuthorizationFilter
{
public void OnAuthorization(AuthorizationContext filterContext)
{
if (filterContext.HttpContext.Request.IsAuthenticated)
{
// the user is authenticated => redirect to place1
// you could get the current user from the
// filterContext.HttpContext.User property and query your provider
// to verify if he is activated (whatever that means in your specific context)
var routeValues = new RouteValueDictionary(new
{
contoller = "foo",
action = "bar",
});
filterContext.Result = new RedirectToRouteResult(routeValues);
}
else
{
// the user is not authenticated => redirect to place2
var routeValues = new RouteValueDictionary(new
{
contoller = "bazingaS",
action = "theBaz",
});
filterContext.Result = new RedirectToRouteResult(routeValues);
}
}
}