ASP.NET Core:[基于策略的授权]未指定authenticationScheme,并且未找到DefaultChallengeScheme

时间:2019-05-30 16:07:05

标签: .net-core asp.net-core-mvc asp.net-core-2.0

我使用基于策略的身份验证来提供基于菜单权限的登录用户访问权限。如果菜单具有访问权限,则我调用context.Succeed(requirement);,但发生错误(未经授权的菜单访问)时,我想将其重定向到主页。如何在filterContext.Result中实现? 这是我的代码:

protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, PermissionRequirement requirement) {
    var filterContext = context.Resource as AuthorizationFilterContext;
    var sessionObj = SessionManager.GetObjectFromJson<AuthenticateUserInfo>(filterContext.HttpContext.Session, "oLoginModel");
    if (context.User == null)
    {
        // no user authorizedd. Alternatively call context.Fail() to ensure a failure 
        // as another handler for this requirement may succeed
        context.Fail();
        //filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary(new { controller = "Login", action = "LogOn" }));
        return Task.CompletedTask;
    }
    //var obj = context.Requirements.
    bool hasPermission = sessionObj == null ? false : sessionObj.Menus.Any(m => m.ControllerName == requirement.ControllerName); //.Any(= requirement.ControllerName);
    if (hasPermission)
    {
        context.Succeed(requirement);
    }
    else
    {
        filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary(new { controller = "Home", action = "Index", area = "" }));
    }
    return Task.CompletedTask;
}

我引用了Redirect From Action Filter Attribute链接,但这是针对ASP.NET MVC的,我已经在MVC中实现,但是在MVC Core中无法使用。

0 个答案:

没有答案