/// <summary> /// /// </summary> /// <param name="context"></param> /// <returns></returns> /// <remarks> /// This is a very important part of the demonstration. Here is where we're getting a call from within the /// CookieAuthenticationOptions.Events.OnSigningIn so that we can clear the old permissions out and reset them for the /// security context /// </remarks> public Task SigningIn(CookieSigningInContext context) { var authorizationContext = authorizationContextBuilder.Build(context.Principal); permissionSetProvider.Clear(authorizationContext.Key); return(Task.CompletedTask); }
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, PermissionRequirement requirement) { var authorizationContext = authorizationContextBuilder.Build(context.User); if (authorizationContext.Has(requirement.PermissionCode)) { context.Succeed(requirement); } else { context.Fail(); } return(Task.CompletedTask); }