步骤
1、添加一个policy
ConfigureServicesExtension.cs中添加policy
services.AddAuthorization(options =>
{
options.FallbackPolicy = new AuthorizationPolicyBuilder().RequireAuthenticatedUser().Build(); //enforces authorization policy (user must be authenticated) for all the action methods
//Custom Authorization Policies
options.AddPolicy("NotAuthorized", policy =>
{
policy.RequireAssertion(context =>
{
return !context.User.Identity.IsAuthenticated; //Users who is already logged in can not see register page
});
});
});
2、应用policy
在Controller或者action方法上方以DataAnnotation形式添加(HttpGet和HttpPost都添加)
[HttpGet]
[Authorize("NotAuthorized")]
public IActionResult Register()
{
return View();
}
Gitee获取源码: