一.首先创建一个类。
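namespace SmArtHoTel
{
    /// <summary>
    /// Authorization filter that allows an action only when one of the caller's role ids
    /// is mapped, through <c>MenuRoleTable</c>, to the menu entry whose <c>MenuApi</c>
    /// equals the action's attribute-route template.
    /// </summary>
    /// <remarks>
    /// The check awaits repository calls, so it is exposed through
    /// <see cref="IAsyncAuthorizationFilter"/>. An <c>async void</c> OnAuthorization returns
    /// to the MVC pipeline at its first <c>await</c>; the pipeline then sees no
    /// <c>context.Result</c> and runs the action before the role comparison finishes,
    /// which makes the filter fail open. Exceptions thrown from <c>async void</c> also
    /// escape the request pipeline instead of producing an error response.
    /// </remarks>
    [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = true, Inherited = true)]
    public class CustFilter : AuthorizeAttribute, IAuthorizationFilter, IAsyncAuthorizationFilter
    {
        /// <summary>
        /// Synchronous entry point, kept for callers that invoke the filter directly.
        /// MVC prefers <see cref="OnAuthorizationAsync"/> when a filter implements both
        /// interfaces, so this blocking wrapper is not on the normal request path.
        /// </summary>
        /// <param name="context">Authorization context of the current request.</param>
        public void OnAuthorization(AuthorizationFilterContext context)
        {
            // Block until the decision is made so context.Result is final on return.
            OnAuthorizationAsync(context).GetAwaiter().GetResult();
        }

        /// <summary>
        /// Decides whether the current request may proceed. Sets <c>context.Result</c> to
        /// 401 for unauthenticated callers and to 403 when no role of the caller is
        /// mapped to the requested route; leaves it unset to allow the request.
        /// </summary>
        /// <param name="context">Authorization context of the current request.</param>
        /// <returns>A task that completes once the decision has been written to <paramref name="context"/>.</returns>
        public async System.Threading.Tasks.Task OnAuthorizationAsync(AuthorizationFilterContext context)
        {
            // Endpoints explicitly marked anonymous skip the check entirely.
            if (context.ActionDescriptor.EndpointMetadata.Any(x => x is IAllowAnonymous))
            {
                return;
            }

            if (context.HttpContext.User?.Identity?.IsAuthenticated != true)
            {
                context.Result = new StatusCodeResult((int)HttpStatusCode.Unauthorized);
                return;
            }

            // Conventionally routed actions have no AttributeRouteInfo. Without a template
            // there is nothing to look up, so deny rather than throw.
            var routeTemplate = context.ActionDescriptor.AttributeRouteInfo?.Template;
            if (routeTemplate is null)
            {
                context.Result = new StatusCodeResult((int)HttpStatusCode.Forbidden);
                return;
            }

            // Role claims carry comma-separated integer role ids. Every role claim is read,
            // and a value that is not an integer is ignored: it grants nothing and can no
            // longer abort the request with a FormatException.
            var userRoleIds = new HashSet<int>();
            foreach (Claim roleClaim in context.HttpContext.User.FindAll(ClaimTypes.Role))
            {
                foreach (string part in roleClaim.Value.Split(','))
                {
                    if (int.TryParse(part, out int roleId))
                    {
                        userRoleIds.Add(roleId);
                    }
                }
            }

            // A caller without any usable role id cannot match; deny before touching storage.
            if (userRoleIds.Count == 0)
            {
                context.Result = new StatusCodeResult((int)HttpStatusCode.Forbidden);
                return;
            }

            // GetRequiredService throws when a repository is not registered. The exception
            // now surfaces through the awaited task as a failed request, never as an
            // allowed one.
            IServiceProvider services = context.HttpContext.RequestServices;
            var menuRepository = services.GetRequiredService<IRepository<MenuInfo>>();
            var menuRoleRepository = services.GetRequiredService<IRepository<MenuRoleTable>>();

            var menuRoles = await menuRoleRepository.GetQueryableAsync();
            var menus = await menuRepository.GetQueryableAsync();

            // Role ids allowed to call this route: roles linked to any menu whose MenuApi
            // equals the route template.
            // NOTE(review): this is an exact string comparison; confirm that stored MenuApi
            // values use the same casing and leading-slash convention as the route templates.
            var allowedRoleIds = menuRoles
                .Where(x => menus.Where(a => a.MenuApi == routeTemplate).Select(s => s.MenuId).Contains(x.MenuId))
                .Select(x => x.RoleId)
                .ToList();

            // A route with no menu mapping yields an empty list and is therefore denied.
            if (!userRoleIds.Any(m => allowedRoleIds.Contains(m)))
            {
                context.Result = new StatusCodeResult((int)HttpStatusCode.Forbidden);
            }
        }
    }
}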
二.在控制器中使用，如下
三.在Service层