C# 带有Ninject的自定义授权FilterAttribute中的DI
我读了很多关于这个主题的文章(包括SO),但仍然无法在AuthorizationFilterAttribute中找到使用Ninject进行依赖注入的正确解决方案。当前的代码正在运行,但我非常确定应该有更好的解决方案C# 带有Ninject的自定义授权FilterAttribute中的DI,c#,dependency-injection,ninject,iauthorizationfilter,C#,Dependency Injection,Ninject,Iauthorizationfilter,我读了很多关于这个主题的文章(包括SO),但仍然无法在AuthorizationFilterAttribute中找到使用Ninject进行依赖注入的正确解决方案。当前的代码正在运行,但我非常确定应该有更好的解决方案 public override void OnAuthorization(HttpActionContext actionContext) { var ts = GlobalConfiguration.Configuration.DependencyResolver
public override void OnAuthorization(HttpActionContext actionContext)
{
var ts = GlobalConfiguration.Configuration.DependencyResolver.GetService(typeof(TokenService));
try
{
var token = GetHeader(actionContext.Request);
if (token == null)
{
actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized)
{
Content = new StringContent("Token not found")
};
return;
}
else
{
var tks = ts as TokenService;
var tkn = Task.Run(() => tks.FindToken(token)).Result;
if (tkn.ValidTill > DateTime.Now)
{
var us = GlobalConfiguration.Configuration.DependencyResolver.GetService(typeof(UserService));
var uss = us as UserService;
var user = Task.Run(() => uss.FindByTokenValue(token)).Result;
if (user != null)
{
if (!_roles.Contains(user.RoleName))
{
actionContext.Response = new HttpResponseMessage(HttpStatusCode.Forbidden)
{
Content = new StringContent("You role permission is not enough")
};
return;
}
var identity = new Identity { Name = user.Login, IsAuthenticated = true };
var principal = new GenericPrincipal(identity, new[] { user.RoleName });
actionContext.RequestContext.Principal = principal;
Thread.CurrentPrincipal = principal;
base.OnAuthorization(actionContext);
_roles = null;
}
else
{
actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized)
{
Content = new StringContent("User not found")
};
return;
}
}
else
{
actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized)
{
Content = new StringContent($"Token valid till {tkn.ValidTill}")
};
return;
}
}
}
catch (Exception ex)
{
actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized)
{
Content = new StringContent($"Authorization error: {ex.Message}")
};
return;
}
}
你想要的是:
Ninject.Web.WebApi.FilterBindingSyntax.BindingRootExtensions
.BindHttpFilter<SomeAuthorisationFilter>(kernel,
Http.Filters.FilterScope.Global)
Ninject.Web.WebApi.FilterBindingSyntax.BindingRootExtensions
.BindHttpFilter(内核,
Http.Filters.FilterScope.Global)