示例#1
0
        public static async Task <AuthorizeVerifyResult> AuthenticationAsync(AuthorizationFilterContext context)
        {
            if (context == null)
            {
                return(AuthorizeVerifyResult.ChallengeResult());
            }

            #region 操作信息

            string controllerName = context.RouteData.Values["controller"].ToString().ToUpper();
            string actionName     = context.RouteData.Values["action"].ToString().ToUpper();
            string methodName     = context.HttpContext.Request.Method;
            AuthorityOperationCmdDto operation = new AuthorityOperationCmdDto()
            {
                ControllerCode = controllerName,
                ActionCode     = actionName
            };

            #endregion

            //登陆用户
            var loginUser = GetLoginUser();
            if (loginUser == null)
            {
                return(AuthorizeVerifyResult.ChallengeResult());
            }
            var allowAccess = await AuthorizationAsync(loginUser, operation).ConfigureAwait(false);

            return(allowAccess ? AuthorizeVerifyResult.SuccessResult() : AuthorizeVerifyResult.ForbidResult());
        }
示例#2
0
        /// <summary>
        /// 授权验证
        /// </summary>
        /// <param name="request">认证授权信息</param>
        /// <returns></returns>
        public static async Task <AuthorizeVerifyResult> AuthenticationAsync(AuthorizeVerifyRequest request)
        {
            if (request == null)
            {
                return(AuthorizeVerifyResult.ForbidResult());
            }
            var operation = new AuthorityOperationCmdDto()
            {
                ActionCode     = request.ActionCode,
                ControllerCode = request.ControllerCode
            };
            var user = AuthenticationUser <long> .GetUserFromClaims(request.Claims?.Select(c => new Claim(c.Key, c.Value)).ToList());

            var allowAccess = await AuthorizationAsync(user, operation).ConfigureAwait(false);

            return(new AuthorizeVerifyResult()
            {
                VerifyValue = allowAccess ? AuthorizeVerifyValue.Success : AuthorizeVerifyValue.Forbid
            });
        }