public void OnAuthorization(AuthorizationFilterContext context)
{
var user = context.HttpContext.User;
//var xxx = _permissionCliam;
if (!user.Identity.IsAuthenticated)
{
var result = new ApiResultModel <bool>();
result.Unauthorized();
context.Result = new JsonResult(result);
context.HttpContext.Response.StatusCode = result.Status;
return;
}
//return;
//// you can also use registered services
//var someService = context.HttpContext.RequestServices.GetRequiredService<IConfiguration>();
var alowAccess = user.Claims.Where(x => x.Value.Equals(_permissionCliam)).FirstOrDefault();
if (alowAccess == null || alowAccess.Value.isNOEOW())
{
var result = new ApiResultModel <bool>();
result.Forbidden();
context.Result = new JsonResult(result);
context.HttpContext.Response.StatusCode = result.Status;
return;
}
return;
}