Home >Backend Development >C++ >How to Implement Custom Authorization in ASP.NET Core Using Claims?
to achieve customized authorization logic. This method no longer exists in AuthorizeAttribute
. bool AuthorizeCore(HttpContextBase httpContext)
AuthorizeAttribute
The current method of using strategy
Define strategy in :
Startup.cs
<code class="language-csharp"> options.AddPolicy("YourPolicyName", policy => policy.RequireClaim(...));</code>
[Authorize]
Using the customized authorization attributes of the statement
<code class="language-csharp"> [Authorize(Policy = "YourPolicyName")] public IActionResult Action(...)</code>If the strategy -based method is not applicable, you can use the
How to use examples: IAuthorizationFilter
AuthorizeAttribute
<code class="language-csharp">public class ClaimRequirementAttribute : TypeFilterAttribute { public ClaimRequirementAttribute(string claimType, string claimValue) : base(typeof(ClaimRequirementFilter)) { Arguments = new object[] { new Claim(claimType, claimValue) }; } } public class ClaimRequirementFilter : IAuthorizationFilter { private readonly Claim _claim; public ClaimRequirementFilter(Claim claim) { _claim = claim; } public void OnAuthorization(AuthorizationFilterContext context) { bool hasClaim = context.HttpContext.User.Claims.Any(c => c.Type == _claim.Type && c.Value == _claim.Value); if (!hasClaim) { context.Result = new ForbidResult(); } } }</code>method in your filter, you can specify the authorization logic according to the statement.
The above is the detailed content of How to Implement Custom Authorization in ASP.NET Core Using Claims?. For more information, please follow other related articles on the PHP Chinese website!