mvc5自带有Identity用户管理,用户授权等,如何利用它们在我们自己的项目中对用户授权,如果授权失败,跳转一个默认的页面给用户提示,对微软Identity用户管理了理解还比较浅,大神误喷
public class MyAuthorizeAttribute : AuthorizeAttribute
{
/// <summary>
/// 授权的逻辑处理, 授权成功true,否则false 可根据实际需求处理
/// </summary>
/// <param name="httpContext">http请求</param>
/// <returns></returns>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
if (httpContext == null)
{
throw new ArgumentNullException("HttpContext");
}
if (!httpContext.User.Identity.IsAuthenticated)
{
return false;
}
if (Roles == null)
{
return true;
}
if (Roles.Length == 0)
{
return true;
}
return false;
}
/// <summary>
/// 授权失败跳转页面
/// </summary>
/// <param name="filterContext"></param>
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
if(string.IsNullOrEmpty( filterContext.HttpContext.User.Identity.Name))
{
filterContext.HttpContext.Response.Redirect("/Account/Login");
}
else
{
filterContext.HttpContext.Response.Redirect("/Home/Unauthorized");
}
///继承AuthorizeAttribute默认方法
//base.HandleUnauthorizedRequest(filterContext);
}
}
调用,在对应的控制器上面或者Action上面添加[MyAuthorize]标示,后面的Attribute可省略