匿名特性的检查
/// <summary>
/// IAuthorizationFilter:请求刚进入MVC流程
/// OnAuthorization来完成登录校验--以及权限检查
/// </summary>
public class CustomAuthorizationFilterAttribute : Attribute, IAuthorizationFilter
{
public void OnAuthorization(AuthorizationFilterContext context)
{
// 终结点的元数据检查是否有匿名特性
if (context.ActionDescriptor.EndpointMetadata.Any(item => item is AllowAnonymousAttribute))
{
return;//匿名 不检查
}
// 过滤器检查是否有匿名特性
if (context.Filters.Any(f => f is IAllowAnonymousFilter))
{
return;//匿名 不检查
}
string sUser = context.HttpContext.Request.Cookies["CurrentUser"];
if (sUser == null)
{
context.Result = new RedirectResult("~/Home/Index");
}
else
{
//还应该检查下权限
return;
}
}
}