asp.net vnext。(asp.net vnext. mvc 6. Implement simple own authorization)

我正在为倾斜vNext和新的MVC编写简单的REST服务。我想了解如何使用自定义逻辑创建简单的OWIN授权。例如，假设一个服务只有一个简单的内存中的令牌列表，我想检查一个请求是否包含该列表中存在的令牌。

如果我理解正确，我只需要覆盖AuthorizeAttribute类，但我找不到如何以正确的方式执行此操作。

public class CustomAuthorize : AuthorizeAttribute { public override Task OnAuthorizationAsync(AuthorizationContext context) { return base.OnAuthorizationAsync(context); } }

如果我误解了这个，你能解释一下我需要使用哪些课程，我可以这样做吗？

I am writing simple REST service for leaning vNext and new MVC. I want to understand how to create a simple OWIN authorization with custom logic. For example, imagine that a service has just a simple in-memory list of tokens and I want to check that a request contains token that exist in that list.

If I understood properly, I just need to override AuthorizeAttribute class, but I cannot find how to do this in the right way.

public class CustomAuthorize : AuthorizeAttribute { public override Task OnAuthorizationAsync(AuthorizationContext context) { return base.OnAuthorizationAsync(context); } }

If I misunderstood this, could you please explain what classes I need to use and can I do it.

最满意答案

您可以使用：

public class AuthorizeClass: ActionFilterAttribute { public override async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next) { if (context.HttpContext.Session["token"] == null || context.HttpContext.Session["user"] == null) { context.HttpContext.Response.Redirect("/login"); } await next(); } }

You can use :

更多推荐