Asp.net .NET Core 3.1-Angular 9-如何实现筛选器-未调用OnPageHandlerSelectionSync
我在angular客户端和.NETAPI之间有一个登录过程 发送http请求时,我需要使用过滤器验证字段是否存在 当我发送一个html请求时,过滤器没有执行,只是初始化了(构造函数)Asp.net .NET Core 3.1-Angular 9-如何实现筛选器-未调用OnPageHandlerSelectionSync,asp.net,angular,filter,Asp.net,Angular,Filter,我在angular客户端和.NETAPI之间有一个登录过程 发送http请求时,我需要使用过滤器验证字段是否存在 当我发送一个html请求时,过滤器没有执行,只是初始化了(构造函数) 永远不会调用OnPageHandlerSelectionSync 我也不知道如何检查请求中是否存在字段 我找到了关于过滤器的MS文档,但它们不使用angular,因此我不确定我的控制器是否正确设置 这是我的控制器: [Authorize] [Route("api/[controller]")
- 永远不会调用OnPageHandlerSelectionSync
- 我也不知道如何检查请求中是否存在字段
[Authorize]
[Route("api/[controller]")]
[TypeFilter(typeof(AuthorizeIndexPageHandlerFilter))]
[ApiController]
public class UsersController : ControllerBase
{
private readonly SomeDBContext context;
private readonly Settings settings;
public UsersController(SomeDBContextcontext, IOptions<Settings> settings)
{
this.context = context;
this.settings = settings.Value;
}
// POST: api/Users
[AllowAnonymous]
[AuthorizePageHandler]
[HttpPost("authenticate")]
public async Task<ActionResult<Authenticatification>> PostLogin(Authenticate authenticate)
{
[授权]
[路由(“api/[控制器]”)]
[TypeFilter(typeof(AuthorizeIndexPageHandlerFilter))]
[ApiController]
公共类UsersController:ControllerBase
{
私有只读SomeDBContext上下文;
私人只读设置;
公共用户控制器(SomeDBContextcontext、IOOptions设置)
{
this.context=上下文;
this.settings=settings.Value;
}
//帖子:api/用户
[异名]
[授权页面处理程序]
[HttpPost(“验证”)]
公共异步任务后登录(身份验证)
{
以下是我从microsoft文档中复制粘贴的代码:
public class AuthorizeIndexPageHandlerFilter : IAsyncPageFilter, IOrderedFilter
{
private readonly IAuthorizationPolicyProvider policyProvider;
private readonly IPolicyEvaluator policyEvaluator;
public AuthorizeIndexPageHandlerFilter(
IAuthorizationPolicyProvider policyProvider,
IPolicyEvaluator policyEvaluator)
{
this.policyProvider = policyProvider;
this.policyEvaluator = policyEvaluator;
}
// Run late in the selection pipeline
public int Order => 10000;
public Task OnPageHandlerExecutionAsync(PageHandlerExecutingContext context, PageHandlerExecutionDelegate next) => next();
public async Task OnPageHandlerSelectionAsync(PageHandlerSelectedContext context)
{
var attribute = context.HandlerMethod?.MethodInfo?.GetCustomAttribute<AuthorizePageHandlerAttribute>();
if (attribute is null)
{
return;
}
var policy = await AuthorizationPolicy.CombineAsync(policyProvider, new[] { attribute });
if (policy is null)
{
return;
}
await AuthorizeAsync(context, policy);
}
#region AuthZ - do not change
private async Task AuthorizeAsync(ActionContext actionContext, AuthorizationPolicy policy)
{
var httpContext = actionContext.HttpContext;
var authenticateResult = await policyEvaluator.AuthenticateAsync(policy, httpContext);
var authorizeResult = await policyEvaluator.AuthorizeAsync(policy, authenticateResult, httpContext, actionContext.ActionDescriptor);
if (authorizeResult.Challenged)
{
if (policy.AuthenticationSchemes.Count > 0)
{
foreach (var scheme in policy.AuthenticationSchemes)
{
await httpContext.ChallengeAsync(scheme);
}
}
else
{
await httpContext.ChallengeAsync();
}
return;
}
else if (authorizeResult.Forbidden)
{
if (policy.AuthenticationSchemes.Count > 0)
{
foreach (var scheme in policy.AuthenticationSchemes)
{
await httpContext.ForbidAsync(scheme);
}
}
else
{
await httpContext.ForbidAsync();
}
return;
}
}
#endregion
}
public类AuthorizeIndexPageHandlerFilter:IAsyncPageFilter、IOrderedFilter
{
私有只读IAuthorizationPolicyProvider policyProvider;
私有只读IPolicyEvaluator policyEvaluator;
公共授权IndexPageHandlerFilter(
IAuthorizationPolicyProvider policyProvider,
IPolicyEvaluator(政策评估员)
{
this.policyProvider=policyProvider;
this.policyEvaluator=policyEvaluator;
}
//在选择管道中运行较晚
公共秩序=>10000;
公共任务OnPageHandlerExecutionAsync(PageHandlerExecutionContext上下文,PageHandlerExecutionDelegate next)=>next();
PageHandlerSelectionAsync上的公共异步任务(PageHandlerSelectedContext)
{
var attribute=context.HandlerMethod?.MethodInfo?.GetCustomAttribute();
if(属性为空)
{
返回;
}
var policy=await AuthorizationPolicy.CombineAsync(policyProvider,new[]{attribute});
如果(策略为空)
{
返回;
}
等待授权异步(上下文、策略);
}
#区域身份验证-不更改
专用异步任务AuthorizationAsync(ActionContext ActionContext,AuthorizationPolicy策略)
{
var httpContext=actionContext.httpContext;
var authenticateResult=await policyEvaluator.authenticateSync(策略,httpContext);
var authorizeResult=await policyEvaluator.AuthorizeAsync(策略、authenticateResult、httpContext、actionContext.ActionDescriptor);
if(authorizeResult.Challenged)
{
如果(policy.AuthenticationSchemes.Count>0)
{
foreach(policy.AuthenticationSchemes中的var方案)
{
等待httpContext.ChallengeAsync(方案);
}
}
其他的
{
等待httpContext.ChallengeAsync();
}
返回;
}
否则如果(授权结果。禁止)
{
如果(policy.AuthenticationSchemes.Count>0)
{
foreach(policy.AuthenticationSchemes中的var方案)
{
等待httpContext.Async(方案);
}
}
其他的
{
等待httpContext.Async();
}
返回;
}
}
#端区
}