我在中间件中使用以下代码:
"require": {
"php": "^7.2.5",
"ext-ctype": "*",
"ext-iconv": "*",
"antishov/doctrine-extensions-bundle": "^1.4",
"knplabs/knp-paginator-bundle": "^5.1",
"sensio/framework-extra-bundle": "^5.1",
"symfony/asset": "5.0.*",
"symfony/console": "5.0.*",
"symfony/dotenv": "5.0.*",
"symfony/expression-language": "5.0.*",
"symfony/flex": "^1.3.1",
"symfony/form": "5.0.*",
"symfony/framework-bundle": "5.0.*",
"symfony/http-client": "5.0.*",
"symfony/intl": "5.0.*",
"symfony/mailer": "5.0.*",
"symfony/monolog-bundle": "^3.1",
"symfony/notifier": "5.0.*",
"symfony/orm-pack": "*",
"symfony/process": "5.0.*",
"symfony/security-bundle": "5.0.*",
"symfony/serializer-pack": "*",
"symfony/string": "5.0.*",
"symfony/translation": "5.0.*",
"symfony/twig-pack": "*",
"symfony/validator": "5.0.*",
"symfony/web-link": "5.0.*",
"symfony/webpack-encore-bundle": "^1.7",
"symfony/yaml": "5.0.*"
},
"require-dev": {
"doctrine/doctrine-fixtures-bundle": "^3.3",
"fzaninotto/faker": "^1.9",
"symfony/debug-pack": "*",
"symfony/maker-bundle": "^1.0",
"symfony/profiler-pack": "*",
"symfony/test-pack": "*"
}
但是,它仅在客户端上使用身份验证时才有效,但这不是必需的,因为我已经处理了服务器上的所有自动化。我只是想在从服务器收到401或403时将任何操作重定向到登录页面,例如:
app.UseStatusCodePages(context =>
{
var response = context.HttpContext.Response;
if (response.StatusCode == (int)HttpStatusCode.Unauthorized ||
response.StatusCode == (int)HttpStatusCode.Forbidden)
response.Redirect("/SampleController/LoginUserAction");
return Task.CompletedTask;
});
但是我不想从接收到响应的每个控制器动作中重复调用它。我想在Startup中编写一个代码,只要收到未经授权的响应,就会自动调用该代码,类似于上面编写的代码。
我将不胜感激。
答案 0 :(得分:1)
所以未经授权的请求将重定向到登录页面。
services.ConfigureApplicationCookie(options =>
{
options.AccessDeniedPath = "/Identity/Account/AccessDenied";
options.Cookie.Name = "YourAppCookieName";
options.Cookie.HttpOnly = true;
options.ExpireTimeSpan = TimeSpan.FromMinutes(60);
options.LoginPath = "/Identity/Account/Login";
// ReturnUrlParameter requires
//using Microsoft.AspNetCore.Authentication.Cookies;
options.ReturnUrlParameter = CookieAuthenticationDefaults.ReturnUrlParameter;
options.SlidingExpiration = true;
});
根据文档,在调用AddIdentity或AddDefaultIdentity之后,必须必须调用ConfigureApplicationCookie。
答案 1 :(得分:1)
您可以创建其他控制器从其继承的基本控制器,然后覆盖OnActionExecuted
方法以检查状态码并在必要时进行重定向,如下所示:
public class BaseController : Controller
{
protected override void OnActionExecuted(ActionExecutedContext context)
{
if(context.HttpContext.Response.StatusCode == 403)
{
context.Result = new RedirectToRouteResult(new RouteValueDictionary(new
{
controller = "Sample",
action = "LoginUserAction"
}));
}
}
}
和所有其他应该共享此行为的控制器将从BaseController
继承,如下所示:
public class SampleController : BaseController
{
//more here
}