最近公司再用.net core做項目。 碰到了登入驗證權限這一塊。使用過濾器不需要每個方法上都去判斷登入是否失效。有的時候還會忘記對驗證
希望對大家有幫助
mvc core的寫法:
public class PermissionRequiredAttribute : ActionFilterAttribute
{
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
var isDefined = false;
var controllerActionDescriptor = filterContext.ActionDescriptor as ControllerActionDescriptor;
if (controllerActionDescriptor != null)
{
isDefined = controllerActionDescriptor.MethodInfo.GetCustomAttributes(inherit: true)
.Any(a => a.GetType().Equals(typeof(NoPermissionRequiredAttribute)));
}
if (isDefined) return;
if (MyHttpContext.Current.Session.GetString("LoginInfo") == null)
{
filterContext.Result = new RedirectResult("/Account/Login");
}
base.OnActionExecuting(filterContext);
}
}
//不需要登入
public class NoPermissionRequiredAttribute : ActionFilterAttribute
{
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
base.OnActionExecuting(filterContext);
}
}
//在不需要的方法上面打上標記
[NoPermissionRequired]
public ActionResult Login()
{
}