ASP.NETCoreWebAPI-如何使用DBIdentity基于登录用户角色选择记录 _程序开发

ASP.NETCoreWebAPI-如何使用DBIdentity基于登录用户角色选择记录

创始人

2024-09-18 08:01:06

0次

首先在Startup.cs中启用认证和身份：

services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
        .AddJwtBearer(options =>
        {
            options.TokenValidationParameters = new TokenValidationParameters
            {
                ValidateIssuer = true,
                ValidateAudience = true,
                ValidateLifetime = true,
                ValidateIssuerSigningKey = true,
                ValidIssuer = Configuration["Jwt:Issuer"],
                ValidAudience = Configuration["Jwt:Issuer"],
                IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["Jwt:Key"]))
            };
        });

services.AddIdentity()
        .AddEntityFrameworkStores()
        .AddDefaultTokenProviders();

创建名为“AuthorizationRequirement”的授权要求类，以确保只有具有特定角色的用户可以访问已授权的端点：

public class AuthorizationRequirement : IAuthorizationRequirement
{
    public string Role { get; }

    public AuthorizationRequirement(string role)
    {
        Role = role;
    }
}

public class AuthorizationRequirementHandler : AuthorizationHandler
{
    protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, AuthorizationRequirement requirement)
    {
        if (!context.User.HasClaim(c => c.Type == ClaimTypes.Role && c.Value == requirement.Role))
        {
            context.Fail();
            return Task.FromResult(0);
        }

        context.Succeed(requirement);
        return Task.FromResult(0);
    }
}

创建基于授权要求的特性以保护已授权的端点：

public class AuthorizationRequirementAttribute : TypeFilterAttribute
{
    public AuthorizationRequirementAttribute(string role) : base(typeof(AuthorizationRequirementFilter))
    {
        Arguments = new object[] { new AuthorizationRequirement(role) };
    }
}

public class AuthorizationRequirementFilter : IAuthorizationFilter
{
    readonly AuthorizationRequirement _requirement;

    public AuthorizationRequirementFilter(AuthorizationRequirement requirement)
    {
        _requirement = requirement;
    }

    public void OnAuthorization(AuthorizationFilterContext context)
    {
        var authService = context.HttpContext.RequestServices.GetService(typeof(IAuthorizationService)) as IAuthorizationService;
        var authResult =

上一篇：ASP.NETCoreWebAPI-如何使用Dapper在两个日期之间进行筛选。

下一篇：ASP.NETCoreWebAPI-如何使用第三方RESTAPI注册用户并立即登录？

ASP.NETCoreWebAPI-如何使用DBIdentity基于登录用户角色选择记录

相关内容

热门资讯