コード例 #1
0
        public void OnAuthorization(AuthorizationFilterContext context)
        {
            var user = context.HttpContext.User;

            //var xxx = _permissionCliam;
            if (!user.Identity.IsAuthenticated)
            {
                var result = new ApiResultModel <bool>();
                result.Unauthorized();
                context.Result = new JsonResult(result);
                context.HttpContext.Response.StatusCode = result.Status;
                return;
            }
            //return;
            //// you can also use registered services
            //var someService = context.HttpContext.RequestServices.GetRequiredService<IConfiguration>();
            var alowAccess = user.Claims.Where(x => x.Value.Equals(_permissionCliam)).FirstOrDefault();

            if (alowAccess == null || alowAccess.Value.isNOEOW())
            {
                var result = new ApiResultModel <bool>();
                result.Forbidden();
                context.Result = new JsonResult(result);
                context.HttpContext.Response.StatusCode = result.Status;
                return;
            }
            return;
        }