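/// <summary>
/// Decides whether the user named in <paramref name="model"/> may invoke the
/// controller/action that <paramref name="model"/> names.
/// </summary>
/// <param name="model">The caller's user name plus the target controller and action.</param>
/// <returns>
/// An <see cref="AuthorizeResultModel"/> built from <paramref name="model"/> whose success flag is
/// true only when a user with that name exists and <c>IsInRole</c> grants the controller/action.
/// An unknown user name yields a failed result rather than an exception (fail closed).
/// </returns>
/// <exception cref="System.ArgumentNullException"><paramref name="model"/> is null.</exception>
public AuthorizeResultModel Authorize(AuthorizeChallengeModel model)
        {
            if (model == null)
            {
                // Fail fast with an argument error instead of a NullReferenceException on model.UserName.
                throw new System.ArgumentNullException(nameof(model));
            }

            // NOTE(review): the user-name equality is evaluated by the query provider, so whether it is
            // case-sensitive follows the store's collation rather than C# string rules — confirm.
            var user = DbContext.Users.FirstOrDefault(e => e.UserName == model.UserName);

            // Role checks are performed by the user entity itself rather than by an IRoleStore
            // implementation, so the role model stays extensible.
            var isAuthorized = user != null && user.IsInRole(model.Controller, model.Action);

            return AuthorizeResultModel.Create(model, isAuthorized);
        }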
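        /// <summary>
        /// Authorization filter entry point: for an authenticated caller, checks via
        /// <see cref="IAuthService"/> that the user may run the requested controller/action and,
        /// if not, replaces the result with a redirect to the unauthorized path.
        /// </summary>
        /// <param name="filterContext">The MVC authorization context for the current request.</param>
        /// <exception cref="System.ArgumentNullException"><paramref name="filterContext"/> is null.</exception>
        public void OnAuthorization(AuthorizationContext filterContext)
        {
            if (filterContext == null)
            {
                throw new System.ArgumentNullException(nameof(filterContext));
            }

            // [AllowAnonymous] on either the controller type or the action (inherited attributes
            // included) skips the permission check entirely.
            var allowAnonymous = filterContext.Controller.GetType().IsDefined(typeof(AllowAnonymousAttribute), true)
                              || filterContext.ActionDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true);
            if (allowAnonymous)
            {
                return;
            }

            var identity = filterContext.HttpContext.User.Identity;
            if (!identity.IsAuthenticated)
            {
                // Unauthenticated callers are not handled here; this filter only evaluates the
                // controller/action permissions of a signed-in user.
                return;
            }

            var descriptor = filterContext.ActionDescriptor;
            var challenge  = AuthorizeChallengeModel.Create(
                identity.Name,
                descriptor.ControllerDescriptor.ControllerName,
                descriptor.ActionName);

            var outcome = DI.Container.Resolve<IAuthService>().Authorize(challenge);
            if (!outcome.IsSuccess)
            {
                // Assigning a Result short-circuits the pipeline: the action never executes.
                filterContext.Result = new RedirectResult(Definitions.Auth.UNAUTHORIZE_REDIRECT_PATH);
            }
        }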