在扫盲篇中介绍了asp.net core 中基于策略的授权基础知识。现在讲一些其他用法,其实很简单。
1,可以在配置策略时直接配置验证逻辑,具体看官方说明吧。
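2,一个requirement可以有多个handler(为或的关系:任意一个handler调用context.Succeed(requirement)即可满足该requirement;但只要有handler显式调用了context.Fail(),即使其他handler成功,授权也会失败),还是看官方说明,里面也提到了这样设计的原因。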
3,一个策略可以有多个requirement(且关系)
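// Registers the "AtLeast21" policy with two requirements. As the surrounding
// text states, requirements on one policy are combined with AND: the policy
// succeeds only when every requirement is satisfied.
// NOTE(review): handlers for MinimumAgeRequirement and MyRequirement are assumed
// to be registered elsewhere; confirm, since a requirement that no handler marks
// as succeeded causes the whole policy to fail.
services.AddAuthorization(options =>
{
    options.AddPolicy("AtLeast21", policy =>
    {
        // Fixed: the original line ended with a stray "s" after the semicolon,
        // which does not compile.
        policy.Requirements.Add(new MinimumAgeRequirement(21));
        policy.Requirements.Add(new MyRequirement());
    });
});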
4,多个策略一起使用(且关系)
/// <summary>
/// Controller guarded by two policies at once. Stacked [Authorize] attributes
/// are combined with AND, so a request must satisfy both "AtLeast21" and
/// "MyPolicy" before any action runs.
/// </summary>
/// <remarks>
/// NOTE(review): "MyPolicy" is not registered in the snippet shown on this page;
/// it is assumed to be added via AddPolicy elsewhere. Confirm before relying on it.
/// </remarks>
[Authorize(Policy = "AtLeast21")]
[Authorize(Policy = "MyPolicy")]
public class AlcoholPurchaseController : Controller
{
    /// <summary>Renders the default view for this controller.</summary>
    public IActionResult Index()
    {
        return View();
    }
}
5,手动调用验证
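/// <summary>
/// Controller that evaluates the "AtLeast21" policy imperatively through
/// <see cref="IAuthorizationService"/> instead of relying on an [Authorize]
/// attribute.
/// </summary>
public class AlcoholPurchaseController : Controller
{
    private readonly IAuthorizationService authorizationService;

    /// <summary>Receives the authorization service from dependency injection.</summary>
    /// <param name="authorizationService">Service used to evaluate policies by name.</param>
    public AlcoholPurchaseController(IAuthorizationService authorizationService)
    {
        this.authorizationService = authorizationService;
    }

    /// <summary>
    /// Evaluates the "AtLeast21" policy for the current user and returns the view
    /// only when the policy succeeds.
    /// </summary>
    /// <returns>
    /// The view on success; a forbid result for an authenticated user who fails
    /// the policy; a challenge result for an unauthenticated caller.
    /// </returns>
    public IActionResult Index()
    {
        // Manually invoke policy evaluation; no resource is supplied (null).
        // NOTE(review): reading .Result blocks the request thread until the
        // authorization handlers finish. It is kept here only so the action's
        // synchronous signature stays unchanged; prefer an
        // async Task<IActionResult> action that awaits AuthorizeAsync.
        var authorization = authorizationService.AuthorizeAsync(User, null, "AtLeast21").Result;
        if (authorization.Succeeded)
        {
            return View();
        }

        // This class carries no [Authorize] attribute, so anonymous callers can
        // reach this point. They should be challenged to sign in; Forbid is for
        // callers who are already authenticated but fail the policy.
        if (User.Identity != null && User.Identity.IsAuthenticated)
        {
            return Forbid();
        }

        return Challenge();
    }
}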