Fatal编程技术网
  • blazor/
  • 如何为Blazor页面实现自定义授权过滤器

如何为Blazor页面实现自定义授权过滤器

blazor

如何为Blazor页面实现自定义授权过滤器,blazor,blazor-server-side,Blazor,Blazor Server Side,Blazor服务器端.NET Core 3.1.x 查看有关授权的示例,我正在尝试为自定义授权筛选器/属性获取解决方案。我只需要在授权期间检查用户身份 在Blazor页面的顶部,在@page之后 @attribute [MyAuthFilter] 过滤器。不过,授权从未受到影响 public class MyAuthFilter: AuthorizeAttribute,IAuthorizationFilter { public void OnAuthorization(Authori

Blazor服务器端.NET Core 3.1.x 查看有关授权的示例,我正在尝试为自定义授权筛选器/属性获取解决方案。我只需要在授权期间检查用户身份

在Blazor页面的顶部,在@page之后

@attribute [MyAuthFilter]
过滤器。不过,授权从未受到影响

public class MyAuthFilter: AuthorizeAttribute,IAuthorizationFilter
{
    public void OnAuthorization(AuthorizationFilterContext context)
    {
        var httpContext = context.HttpContext;


        // get user name
        string userName = httpContext.User.Identity.Name;

        // todo - call method to check user access
        // check against list to see if access permitted
        //context.Result = new UnauthorizedResult();

    }
}
下面的代码片段描述了如何执行授权过程,以及如何以及在何处为授权用户显示内容。您可以根据此处显示的代码构建自己的组件:

剃须刀 ProfileOwnerRequirement.cs 创业班 
services.AddSingleton();
services.AddAuthorization(配置=>
{
config.AddPolicy(“CanEditProfile”,policy=>
policy.Requirements.Add(新ProfileOwnerRequirement());
});
希望这有帮助

你是否考虑过使用基于策略的授权,比如:[授权(策略=“A策略”)]:是的,这可能是我需要去的WYA。只需对照现有数据库检查用户身份,如果找不到,请重定向到页面,这样您就有了答案是的,谢谢!我现在已经朝那个方向走了。请参阅我的另一篇文章,由于某些原因,我的处理程序代码没有被调用。我真的不需要分开的授权/未授权内容,而只是想在授权上做一些自定义逻辑,所以您展示的区别是,我使用了页面级别的authorize attribute@attribute[authorize(Policy=Policies.IsValidUser)] 
@page "/profile"
@page "/profile/{id}"


<AuthorizeView Policy="CanEditProfile" Resource="@ID">
    <NotAuthorized>
       <h2 class="mt-5">You are not authorized to view this page</h2>
    </NotAuthorized>
<Authorized>
    <div class="container my-profile">
        <h2>My Profile</h2>
        --- Place here all the content you want your user to view ----
    </div>
 </Authorized>
</AuthorizeView>

@code {

    [Parameter]
    public string ID { get; set; }
}  

public class ProfileHandler : IAuthorizationHandler
{
    public Task HandleAsync(AuthorizationHandlerContext context)
    {
        if (context.User != null)
        {
            var pendingRequirements = context.PendingRequirements.ToList();

            foreach (var requirement in pendingRequirements)
            {
                if (requirement is ProfileOwnerRequirement)
                {
                    // get profile id from resource, passed in from blazor 
                    //  page component
                    var resource = context.Resource?.ToString();
                    var hasParsed = int.TryParse(resource, out int 
                                                       profileID);
                    if (hasParsed)
                    {

                        if (IsOwner(context.User, profileID))
                        {
                            context.Succeed(requirement);
                        }
                    }
                }
            }

        }
        return Task.CompletedTask;
    }
    private bool IsOwner(ClaimsPrincipal user, int profileID)
    {
        // compare the requested memberId to the user's actual claim of 
        // memberId
        //  var isAuthorized = context.User.GetMemberIdClaim();
        // now we know if the user is authorized or not, and can act 
        // accordingly

        var _profileID = user.GetMemberIDClaim();


        return _profileID == profileID;
     }

 }

 public class ProfileOwnerRequirement : IAuthorizationRequirement
 {
    public ProfileOwnerRequirement() { }

 }

services.AddSingleton<IAuthorizationHandler, ProfileHandler>();

        services.AddAuthorization(config =>
        {
            config.AddPolicy("CanEditProfile", policy =>
                policy.Requirements.Add(new ProfileOwnerRequirement()));
        });