public async Task OnPageHandlerExecutionAsync(PageHandlerExecutingContext context, PageHandlerExecutionDelegate next) { //在调用处理程序方法前,但在模型绑定结束后,进行异步调用。 //context.ActionDescriptor.FilterDescriptors var authenticateResult = await context.HttpContext.AuthenticateAsync(AdminAuthorizeAttribute.AuthenticationScheme); if (authenticateResult.Succeeded && !context.Filters.Any(_ => _ is AllowAnonymousFilter)) { AdminPageModelBase adminPageModel = context.HandlerInstance as AdminPageModelBase; //adminPageModel.SysMenuDtos = await _sysMenuService.GetMenuTreeDtoByCacheAsync(); adminPageModel.AdminWorkContext = _adminWorkContextProvider.GetAdminWorkContext(); bool hasPageRoute = context.RouteData.Values.TryGetValue("page", out object page); bool hasAreaRoute = context.RouteData.Values.TryGetValue("area", out object area); bool hasRight = hasPageRoute && hasAreaRoute; if (hasRight) { var url = context.HttpContext.Request.Path; /*.GetEncodedPathAndQuery()*/; hasRight = await _sysPermissionService.HasPermissionAsync(url /*string.Concat("/", area, page)*/); } if (!hasRight /*&& !(adminPageModel is Pages.IndexModel)*/) { IActionResult actionResult = new Microsoft.AspNetCore.Mvc.RedirectResult("/Admin/Forbidden"); //跳出 if (context.HttpContext.Request.Headers.TryGetValue("x-requested-with", out Microsoft.Extensions.Primitives.StringValues strings)) { if (strings.Contains("XMLHttpRequest")) { actionResult = new JsonResult(new AjaxReturnModel() { Success = false, Msg = "您没有权限访问" }) { StatusCode = 401 }; } } context.Result = actionResult; return;//If an IAsyncPageFilter provides a result value by setting the Result property of PageHandlerExecutingContext to a non-null value, then it cannot call the next filter by invoking PageHandlerExecutionDelegate. } } await next.Invoke(); }
public override async Task OnResultExecutionAsync(ResultExecutingContext context, ResultExecutionDelegate next) { //context.ActionDescriptor.FilterDescriptors var authenticateResult = await context.HttpContext.AuthenticateAsync(AdminAuthorizeAttribute.AuthenticationScheme); if (authenticateResult.Succeeded && !context.Filters.Any(_ => _ is AllowAnonymousFilter)) { AdminPageModelBase adminPageModel = context.Controller as AdminPageModelBase; //adminPageModel.SysMenuDtos = await _sysMenuService.GetMenuTreeDtoByCacheAsync(); adminPageModel.AdminWorkContext = _adminWorkContextProvider.GetAdminWorkContext(); bool hasPageRoute = context.RouteData.Values.TryGetValue("page", out object page); bool hasAreaRoute = context.RouteData.Values.TryGetValue("area", out object area); bool hasRight = hasPageRoute && hasAreaRoute; if (hasRight) { hasRight = await _sysPermissionService.HasPermissionAsync(string.Concat("/", area, page)); } if (!hasRight /*&& !(adminPageModel is Pages.IndexModel)*/) { IActionResult actionResult = new Microsoft.AspNetCore.Mvc.RedirectResult("/Admin/Forbidden"); //跳出 if (context.HttpContext.Request.Headers.TryGetValue("x-requested-with", out Microsoft.Extensions.Primitives.StringValues strings)) { if (strings.Contains("XMLHttpRequest")) { actionResult = new JsonResult(new AjaxReturnModel() { Success = false, Msg = "您没有权限访问" }) { StatusCode = 401 }; } } context.Result = actionResult; } } await base.OnResultExecutionAsync(context, next); }