重定向到登录页面,来自服务器的未经授权的响应

时间:2020-02-21 14:45:36

标签: c# .net asp.net-core

我在中间件中使用以下代码:

"require": {
    "php": "^7.2.5",
    "ext-ctype": "*",
    "ext-iconv": "*",
    "antishov/doctrine-extensions-bundle": "^1.4",
    "knplabs/knp-paginator-bundle": "^5.1",
    "sensio/framework-extra-bundle": "^5.1",
    "symfony/asset": "5.0.*",
    "symfony/console": "5.0.*",
    "symfony/dotenv": "5.0.*",
    "symfony/expression-language": "5.0.*",
    "symfony/flex": "^1.3.1",
    "symfony/form": "5.0.*",
    "symfony/framework-bundle": "5.0.*",
    "symfony/http-client": "5.0.*",
    "symfony/intl": "5.0.*",
    "symfony/mailer": "5.0.*",
    "symfony/monolog-bundle": "^3.1",
    "symfony/notifier": "5.0.*",
    "symfony/orm-pack": "*",
    "symfony/process": "5.0.*",
    "symfony/security-bundle": "5.0.*",
    "symfony/serializer-pack": "*",
    "symfony/string": "5.0.*",
    "symfony/translation": "5.0.*",
    "symfony/twig-pack": "*",
    "symfony/validator": "5.0.*",
    "symfony/web-link": "5.0.*",
    "symfony/webpack-encore-bundle": "^1.7",
    "symfony/yaml": "5.0.*"
},
"require-dev": {
    "doctrine/doctrine-fixtures-bundle": "^3.3",
    "fzaninotto/faker": "^1.9",
    "symfony/debug-pack": "*",
    "symfony/maker-bundle": "^1.0",
    "symfony/profiler-pack": "*",
    "symfony/test-pack": "*"
}

但是,它仅在客户端上使用身份验证时才有效,但这不是必需的,因为我已经处理了服务器上的所有自动化。我只是想在从服务器收到401或403时将任何操作重定向到登录页面,例如:

app.UseStatusCodePages(context =>
            {
                var response = context.HttpContext.Response;

                if (response.StatusCode == (int)HttpStatusCode.Unauthorized ||
                    response.StatusCode == (int)HttpStatusCode.Forbidden)
                    response.Redirect("/SampleController/LoginUserAction");

                return Task.CompletedTask;

            });

但是我不想从接收到响应的每个控制器动作中重复调用它。我想在Startup中编写一个代码,只要收到未经授权的响应,就会自动调用该代码,类似于上面编写的代码。

我将不胜感激。

2 个答案:

答案 0 :(得分:1)

您可以在ConfigureServices

中设置登录路径

所以未经授权的请求将重定向到登录页面。

services.ConfigureApplicationCookie(options =>
{
    options.AccessDeniedPath = "/Identity/Account/AccessDenied";
    options.Cookie.Name = "YourAppCookieName";
    options.Cookie.HttpOnly = true;
    options.ExpireTimeSpan = TimeSpan.FromMinutes(60);
    options.LoginPath = "/Identity/Account/Login";
    // ReturnUrlParameter requires 
    //using Microsoft.AspNetCore.Authentication.Cookies;
    options.ReturnUrlParameter = CookieAuthenticationDefaults.ReturnUrlParameter;
    options.SlidingExpiration = true;
});

根据文档,在调用AddIdentity或AddDefaultIdentity之后,必须必须调用ConfigureApplicationCookie。

答案 1 :(得分:1)

您可以创建其他控制器从其继承的基本控制器,然后覆盖OnActionExecuted方法以检查状态码并在必要时进行重定向,如下所示:

public class BaseController : Controller
{ 
    protected override void OnActionExecuted(ActionExecutedContext context)
    {
        if(context.HttpContext.Response.StatusCode == 403)
        {
            context.Result = new RedirectToRouteResult(new RouteValueDictionary(new
            {
                controller = "Sample",
                action = "LoginUserAction"
            }));
        }
    }
}

和所有其他应该共享此行为的控制器将从BaseController继承,如下所示:

public class SampleController : BaseController
{
     //more here
}
相关问题
最新问题