Blazor服务器端.NET Core 3.1.x 查看有关授权的示例,我正在尝试为自定义授权过滤器/属性提供解决方案。我只需要在授权过程中检查用户身份即可。
https://docs.microsoft.com/en-us/aspnet/core/security/blazor/?view=aspnetcore-3.1
在Blazor页面的顶部,在@page之后
@attribute [MyAuthFilter]
过滤器。但是,OnAuthorization永远不会受到打击。
public class MyAuthFilter: AuthorizeAttribute,IAuthorizationFilter
{
public void OnAuthorization(AuthorizationFilterContext context)
{
var httpContext = context.HttpContext;
// get user name
string userName = httpContext.User.Identity.Name;
// todo - call method to check user access
// check against list to see if access permitted
//context.Result = new UnauthorizedResult();
}
}
答案 0 :(得分:1)
以下代码段描述了如何执行授权过程,以及如何以及在何处显示授权用户的内容。您可以根据此处显示的代码构建自己的组件:
@page "/profile"
@page "/profile/{id}"
<AuthorizeView Policy="CanEditProfile" Resource="@ID">
<NotAuthorized>
<h2 class="mt-5">You are not authorized to view this page</h2>
</NotAuthorized>
<Authorized>
<div class="container my-profile">
<h2>My Profile</h2>
--- Place here all the content you want your user to view ----
</div>
</Authorized>
</AuthorizeView>
@code {
[Parameter]
public string ID { get; set; }
}
public class ProfileHandler : IAuthorizationHandler
{
public Task HandleAsync(AuthorizationHandlerContext context)
{
if (context.User != null)
{
var pendingRequirements = context.PendingRequirements.ToList();
foreach (var requirement in pendingRequirements)
{
if (requirement is ProfileOwnerRequirement)
{
// get profile id from resource, passed in from blazor
// page component
var resource = context.Resource?.ToString();
var hasParsed = int.TryParse(resource, out int
profileID);
if (hasParsed)
{
if (IsOwner(context.User, profileID))
{
context.Succeed(requirement);
}
}
}
}
}
return Task.CompletedTask;
}
private bool IsOwner(ClaimsPrincipal user, int profileID)
{
// compare the requested memberId to the user's actual claim of
// memberId
// var isAuthorized = context.User.GetMemberIdClaim();
// now we know if the user is authorized or not, and can act
// accordingly
var _profileID = user.GetMemberIDClaim();
return _profileID == profileID;
}
}
public class ProfileOwnerRequirement : IAuthorizationRequirement
{
public ProfileOwnerRequirement() { }
}
services.AddSingleton<IAuthorizationHandler, ProfileHandler>();
services.AddAuthorization(config =>
{
config.AddPolicy("CanEditProfile", policy =>
policy.Requirements.Add(new ProfileOwnerRequirement()));
});
希望这会有所帮助!