/// <summary>
/// Exception filter callback: answers the failed request with HTTP 400 and an
/// <c>ErrorApiResult</c> that carries the exception message and the global error code.
/// </summary>
/// <param name="context">Context of the request whose handling threw.</param>
// NOTE(review): the raw exception message is returned to the client. Messages raised by lower
// layers can reveal internal details (query text, file paths, type names); consider logging the
// exception server-side and returning a generic message instead.
// NOTE(review): the method is `async void`, so the caller cannot await it. Whatever runs after
// the await is unobserved by the caller, and an exception thrown there cannot be caught by it.
public async void OnException(ExceptionContext context)
{
    // Every exception that reaches this filter is reported with status 400.
    context.HttpContext.Response.StatusCode = 400;

    var errorResult = new ErrorApiResult
    {
        ErrorMsg = context.Exception.Message,
        ErrorCode = InnerErrorCode.GLOBAL_EXCEPTION
    };

    await errorResult.ExecuteResultAsync(context);
}
/// <summary>
/// Copies the errors of a failed <see cref="IdentityResult"/> into <c>ModelState</c> and
/// returns the <c>ErrorApiResult</c> built from that model state.
/// </summary>
/// <param name="result">Outcome of an identity operation.</param>
/// <returns>
/// The value of <c>ErrorApiResult.FromModelState(ModelState)</c>; it is produced whether or not
/// any error was added.
/// </returns>
// NOTE(review): identity error descriptions are forwarded to the caller unchanged. Some of them
// (for example a duplicate user name) let a caller learn which accounts exist; confirm that is
// acceptable for the endpoints that use this helper.
private ApiResult GetErrorResult(IdentityResult result)
{
    var hasErrors = !result.Succeeded && result.Errors != null;
    if (hasErrors)
    {
        foreach (var identityError in result.Errors)
        {
            // Empty key: the error is not attached to a named field.
            ModelState.AddModelError("", identityError.Description);
        }
    }

    return ErrorApiResult.FromModelState(ModelState);
}
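/// <summary>
/// Registers a new account from the posted form.
/// </summary>
/// <param name="model">Form-bound registration data; <c>UserName</c> and <c>Password</c> are read here.</param>
/// <returns>
/// <c>this.Good()</c> when the user was created; otherwise an <c>ErrorApiResult</c> built from
/// <c>ModelState</c> (binding/validation errors, or the identity errors reported by user creation).
/// </returns>
public async Task<ApiResult> Register([FromForm] UserViewModel model)
{
    if (model == null || !ModelState.IsValid)
    {
        // NOTE(review): when model is null and ModelState is valid, the error result carries no message.
        return ErrorApiResult.FromModelState(ModelState);
    }

    // The password is handed to CreateAsync only and must never be copied into a User field:
    // assigning it to Email would persist the clear-text password in the user record.
    // NOTE(review): UserViewModel's e-mail property is not visible from this method; once it is
    // confirmed, populate User.Email from it here.
    var user = new User
    {
        UserName = model.UserName
    };

    IdentityResult creation = await _userService.CreateAsync(user, model.Password);
    if (!creation.Succeeded)
    {
        return GetErrorResult(creation);
    }

    return this.Good();
}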
/// <summary>
/// Runs the authorization checks for a request.
/// If the action carries an allow-anonymous filter, nothing is checked.
/// If another AuthorizeFilter that uses the "Bearer" scheme is present, only the permission check runs.
/// If neither is present, the base (OAuth) authorization runs first, followed by the permission check.
/// </summary>
/// <param name="context">Authorization context of the current request.</param>
/// <returns>A task that completes when the checks have run.</returns>
public override async Task OnAuthorizationAsync(Microsoft.AspNet.Mvc.Filters.AuthorizationContext context)
{
    if (context.Filters.Any(filter => filter is IAllowAnonymous))
    {
        return;
    }

    // Looks for an AuthorizeFilter of a different concrete type than this one whose policy
    // lists the "Bearer" scheme; when one exists, the base authorization is skipped.
    var bearerFilterPresent = context.Filters.Any(filter =>
        filter is AuthorizeFilter
        && ((AuthorizeFilter)filter).Policy.AuthenticationSchemes.Contains("Bearer")
        && filter.GetType() != GetType());

    if (!bearerFilterPresent)
    {
        await base.OnAuthorizationAsync(context);
    }

    // NOTE(review): context.Result is not inspected after the base call, so the permission check
    // also runs for a request the base filter has just rejected; confirm that the two paths
    // cannot both write a response.
    var permitted = await FrameworkConfig.IocConfig.Resolve<PermissionService>().Authorize(context);
    if (permitted)
    {
        return;
    }

    var denied = new ErrorApiResult
    {
        Result = false,
        ErrorMsg = Resource.ResourceManager.GetString("ERROR_NOT_PERMISSION"),
        ErrorCode = InnerErrorCode.NOT_PERMISSION
    };

    // NOTE(review): the denial is executed directly and this method never assigns context.Result.
    // MVC stops the pipeline after an authorization filter only when Result is set, so unless
    // ExecuteResultAsync sets it, the action could still run for a denied request. Verify.
    await denied.ExecuteResultAsync(context, HttpStatusCode.Unauthorized);
}