Пример #1
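        /// <summary>
        /// Verifies that the signed-in user is authorized for the controller action being requested.
        /// </summary>
        /// <param name="context">
        /// Authorization filter context of the current request. A null context is answered with a challenge.
        /// </param>
        /// <returns>
        /// A challenge result when there is no context or no signed-in user; a forbid result when the
        /// route carries no controller or action name, or when the authorization check refuses the
        /// operation; a success result otherwise.
        /// </returns>
        public static async Task<AuthorizeVerifyResult> AuthenticationAsync(AuthorizationFilterContext context)
        {
            if (context == null)
            {
                return AuthorizeVerifyResult.ChallengeResult();
            }

            // Fail closed when the route does not name a controller/action. Calling ToString()
            // directly on a missing route value would throw instead of producing an authorization result.
            string controllerName = context.RouteData.Values["controller"]?.ToString();
            string actionName = context.RouteData.Values["action"]?.ToString();
            if (string.IsNullOrEmpty(controllerName) || string.IsNullOrEmpty(actionName))
            {
                return AuthorizeVerifyResult.ForbidResult();
            }

            // ToUpperInvariant rather than ToUpper: culture-sensitive casing (for example the Turkish
            // dotted/dotless i) makes the resulting code depend on the thread's current culture, so the
            // same route could map to a different operation code from one host or request to the next.
            // NOTE(review): presumably the stored operation codes are upper-case; confirm against AuthorizationAsync.
            var operation = new AuthorityOperationCmdDto
            {
                ControllerCode = controllerName.ToUpperInvariant(),
                ActionCode = actionName.ToUpperInvariant()
            };

            // The HTTP method is not read here: the operation is keyed on controller and action only,
            // so every verb on an action shares one permission.
            // NOTE(review): confirm that read and write verbs are meant to be authorized together.

            // No signed-in user: ask the client to authenticate rather than reporting a denial.
            var loginUser = IdentityManager.GetLoginUser();
            if (loginUser == null)
            {
                return AuthorizeVerifyResult.ChallengeResult();
            }

            bool allowAccess = await AuthorizationAsync(loginUser, operation).ConfigureAwait(false);
            if (allowAccess)
            {
                return AuthorizeVerifyResult.SuccessResult();
            }

            return AuthorizeVerifyResult.ForbidResult();
        }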
Пример #2
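        /// <summary>
        /// Verifies that the signed-in user is authorized for the controller action being requested.
        /// </summary>
        /// <param name="context">
        /// Authorization filter context of the current request. A null context is answered with a challenge.
        /// </param>
        /// <returns>
        /// A challenge result when there is no context or no signed-in user; a forbid result when the
        /// route carries no controller or action name, or when the authorization check refuses the
        /// operation; a success result otherwise.
        /// </returns>
        public static AuthorizeResult CheckAuthorization(AuthorizationFilterContext context)
        {
            if (context == null)
            {
                return AuthorizeResult.ChallengeResult();
            }

            // Fail closed when the route does not name a controller/action. Calling ToString()
            // directly on a missing route value would throw instead of producing an authorization result.
            string controllerName = context.RouteData.Values["controller"]?.ToString();
            string actionName = context.RouteData.Values["action"]?.ToString();
            if (string.IsNullOrEmpty(controllerName) || string.IsNullOrEmpty(actionName))
            {
                return AuthorizeResult.ForbidResult();
            }

            // The codes are passed on exactly as the route data holds them.
            // NOTE(review): route values may carry the casing the client used in the URL; confirm the
            // (user, operation) overload compares codes case-insensitively, or normalise them here.
            var operation = new OperationDto
            {
                ControllerCode = controllerName,
                ActionCode = actionName
            };

            // The HTTP method is not read here: the operation is keyed on controller and action only,
            // so every verb on an action shares one permission.
            // NOTE(review): confirm that read and write verbs are meant to be authorized together.

            // No signed-in user: ask the client to authenticate rather than reporting a denial.
            var loginUser = IdentityManager.GetLoginUser();
            if (loginUser == null)
            {
                return AuthorizeResult.ChallengeResult();
            }

            bool allowAccess = CheckAuthorization(loginUser, operation);
            if (allowAccess)
            {
                return AuthorizeResult.SuccessResult();
            }

            return AuthorizeResult.ForbidResult();
        }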