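/// <summary>
/// Verifies that the currently logged-in user is authorized for the controller action
/// addressed by the request.
/// </summary>
/// <param name="context">Authorization filter context of the current request.</param>
/// <returns>
/// A challenge result when <paramref name="context"/> is null or no user is logged in;
/// a forbid result when the route data carries no controller or action name, or when the
/// authorization check denies access; otherwise a success result.
/// </returns>
public static async Task<AuthorizeVerifyResult> AuthenticationAsync(AuthorizationFilterContext context)
{
    if (context == null)
    {
        return AuthorizeVerifyResult.ChallengeResult();
    }

    // Logged-in user: without an identity there is nothing to authorize, so ask for authentication.
    var loginUser = IdentityManager.GetLoginUser();
    if (loginUser == null)
    {
        return AuthorizeVerifyResult.ChallengeResult();
    }

    // Operation info. A missing route value is denied explicitly instead of surfacing
    // as a NullReferenceException from ToString().
    var controllerValue = context.RouteData.Values["controller"];
    var actionValue = context.RouteData.Values["action"];
    if (controllerValue == null || actionValue == null)
    {
        return AuthorizeVerifyResult.ForbidResult();
    }

    // Invariant casing keeps the permission key independent of the request thread's culture;
    // culture-sensitive ToUpper() maps 'i' differently under e.g. Turkish cultures, which would
    // make the lookup key vary with localization settings.
    // NOTE(review): assumes the stored operation codes were upper-cased the same way - confirm
    // against the code that registers them.
    var operation = new AuthorityOperationCmdDto()
    {
        ControllerCode = controllerValue.ToString().ToUpperInvariant(),
        ActionCode = actionValue.ToString().ToUpperInvariant()
    };

    var allowAccess = await AuthorizationAsync(loginUser, operation).ConfigureAwait(false);
    return allowAccess ? AuthorizeVerifyResult.SuccessResult() : AuthorizeVerifyResult.ForbidResult();
}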
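/// <summary>
/// Verifies that the currently logged-in user is authorized for the controller action
/// addressed by the request.
/// </summary>
/// <param name="context">Authorization filter context of the current request.</param>
/// <returns>
/// A challenge result when <paramref name="context"/> is null or no user is logged in;
/// a forbid result when the route data carries no controller or action name, or when the
/// authorization check denies access; otherwise a success result.
/// </returns>
public static AuthorizeResult CheckAuthorization(AuthorizationFilterContext context)
{
    if (context == null)
    {
        return AuthorizeResult.ChallengeResult();
    }

    // Logged-in user: without an identity there is nothing to authorize, so ask for authentication.
    var loginUser = IdentityManager.GetLoginUser();
    if (loginUser == null)
    {
        return AuthorizeResult.ChallengeResult();
    }

    // Operation info. A missing route value is denied explicitly instead of surfacing
    // as a NullReferenceException from ToString().
    var controllerValue = context.RouteData.Values["controller"];
    var actionValue = context.RouteData.Values["action"];
    if (controllerValue == null || actionValue == null)
    {
        return AuthorizeResult.ForbidResult();
    }

    // NOTE(review): the names are passed on with whatever casing the route values carry.
    // Whether the CheckAuthorization(loginUser, operation) overload compares codes
    // case-insensitively is not visible here - confirm, since a case-sensitive match would
    // make the decision depend on how the route values happen to be cased.
    var operation = new OperationDto()
    {
        ControllerCode = controllerValue.ToString(),
        ActionCode = actionValue.ToString()
    };

    var allowAccess = CheckAuthorization(loginUser, operation);
    return allowAccess ? AuthorizeResult.SuccessResult() : AuthorizeResult.ForbidResult();
}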