public void OnAuthorization(AuthorizationFilterContext context)
{
if (!HasAllowAnonymous(context))
{
//获取登录用户信息
var user = GetLoginUser(context);
//请求对象
Requester requester = GetRequester(context);
//请求者权限访问状态
AuthState state = null;
if (user.IsGuest)
{
state = new NoLoginState();
}
else if (!PermissionCheck(user.PermissionCode))
{
state = new NoAccessState();
}
//如果存在授权错误状态,则接收并处理
if (state != null)
{
requester.Accept(state);
}
}
}