public async Task OnAuthorizationAsync(AuthorizationFilterContext context) { var service = (IAuthorizationService)context.HttpContext.RequestServices.GetService(typeof(IAuthorizationService)); var requirement = new CustomRequirement { Number = _number }; var result = await service.AuthorizeAsync(context.HttpContext.User, null, requirement); if (!result.Succeeded) { context.Result = new ForbidResult(); } }
public async Task <IActionResult> DoSomething(int number) { var requirement = new CustomRequirement { Number = number }; var result = await _authorizationService.AuthorizeAsync(User, null, requirement); if (!result.Succeeded) { return(Forbid()); } return(View("success")); }