我正在关注教程secure web api。并在自定义授权属性中添加了此代码。但是这个过滤器不起作用,它没有触发,断点没有命中。当我在某个动作上使用它时,然后调用动作但是不调用该属性。
public class RESTAuthorizeAttribute : AuthorizeAttribute
{
private const string _securityToken = "token";
public override void OnAuthorization(AuthorizationContext filterContext)
{
if (Authorize(filterContext))
{
return;
}
HandleUnauthorizedRequest(filterContext);
}
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
base.HandleUnauthorizedRequest(filterContext);
}
private bool Authorize(AuthorizationContext actionContext)
{
try
{
HttpRequestBase request = actionContext.RequestContext.HttpContext.Request;
string token = request.Params[_securityToken];
return SecurityManager.IsTokenValid(token, CommonManager.GetIP(request), request.UserAgent);
}
catch (Exception)
{
return false;
}
}
}
采取行动:
[RESTAuthorize] //this donot get fired,bpoint not hit
public IEnumerable<string> Get()//this fires and bpoint hit
{
return new string[] { "value1", "value2" };
}