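How to use view-based authorization in ASP.NET Core 2.0

Time: 2017-05-18 20:39:37

Tags: asp.net asp.net-core asp.net-core-2.0

I am experiencing strange behavior in an ASP.NET Core 2.0 web application: authorization passes at the controller level and fails at the view level.

Is this a bug in ASP.NET Core 2.0, or am I doing something wrong in my code?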

// Authorization succeeds in the controller

info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[1]       Authorization was successful for user: (username).

// Entering the controller

info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[1]       Executing action method HomeController.Index (Bams) with arguments ((null)) - ModelState is Valid

...

// Fails in the view

info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[2]       Authorization failed for user: (username).

ConfigureServices in Startup.cs:

services.AddAuthorization(options => {
    options.AddPolicy("HasName", policy => policy.Requirements.Add(new HasNameRequirement()));
});

HomeController.cs:

[Authorize(Policy="HasName")]
public class HomeController : Controller
{
    public IActionResult Index(){
        return View();
    }
}

HasNameRequirement:

public class HasNameRequirement : IAuthorizationRequirement {
    public HasNameRequirement() { }
}

HasNameHandler:

public class HasNameHandler : AuthorizationHandler<HasNameRequirement>
{
    protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, HasNameRequirement requirement)
    {
        var mvcContext = context.Resource as Microsoft.AspNetCore.Mvc.Filters.AuthorizationFilterContext;
        if (mvcContext != null)
        {
            var name = mvcContext.HttpContext.User.Identity.Name;
            if(name != null && name != "")
            {
                context.Succeed(requirement);
            }
            else
            {
                context.Fail();
            }
        }           

        return Task.CompletedTask;
    }
}

_Layout.cshtml:

@if (await AuthorizationService.AuthorizeAsync(User, "HasName"))
{
    ...
}

_ViewImports.cshtml:

@using Microsoft.AspNetCore.Authorization
@inject IAuthorizationService AuthorizationService

1 answer:

Answer 0 (score: 1)

The problem was in HasNameHandler.

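This line was meant to make my authorization block function only when an MVC context exists. Since the view does not have access to the MVC context, the view-based authorization completed without ever reaching context.Succeed().

I removed it and instead used the AuthorizationContext that is passed to the method.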

var mvcContext = context.Resource as Microsoft.AspNetCore.Mvc.Filters.AuthorizationFilterContext;
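
The fix described in the answer, as an added example that is not code from the original post: a handler that reads the principal from context.User, so the policy gives the same result under [Authorize] and when called from a view with no resource. It assumes the ASP.NET Core 2.0 release packages (where AuthorizeAsync returns an AuthorizationResult), C# 7.1 for async Main, and a singleton handler registration that the question does not show; the principals are constructed sample data.

```csharp
using System;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
using Microsoft.Extensions.DependencyInjection;

public class HasNameRequirement : IAuthorizationRequirement { }

// Reads the principal from context.User, so the outcome does not depend on
// context.Resource (an AuthorizationFilterContext under [Authorize], null from a view).
public class HasNameHandler : AuthorizationHandler<HasNameRequirement>
{
    protected override Task HandleRequirementAsync(
        AuthorizationHandlerContext context, HasNameRequirement requirement)
    {
        if (!string.IsNullOrEmpty(context.User?.Identity?.Name))
        {
            context.Succeed(requirement);
        }
        // Without a Succeed() call the requirement stays unmet and the policy is denied.
        return Task.CompletedTask;
    }
}

public static class Program
{
    public static async Task Main()
    {
        var services = new ServiceCollection();
        services.AddLogging(); // DefaultAuthorizationService takes an ILogger<>
        services.AddAuthorization(options =>
            options.AddPolicy("HasName", p => p.Requirements.Add(new HasNameRequirement())));
        // Assumed registration; the question does not show how the handler is registered.
        services.AddSingleton<IAuthorizationHandler, HasNameHandler>();
        var auth = services.BuildServiceProvider().GetRequiredService<IAuthorizationService>();

        // Constructed principals: one authenticated with a name claim, one anonymous.
        var named = new ClaimsPrincipal(new ClaimsIdentity(
            new[] { new Claim(ClaimTypes.Name, "alice") }, "TestAuth"));
        var anonymous = new ClaimsPrincipal(new ClaimsIdentity());

        // Same call shape as the view: a user and a policy name, no resource.
        Console.WriteLine((await auth.AuthorizeAsync(named, "HasName")).Succeeded);
        Console.WriteLine((await auth.AuthorizeAsync(anonymous, "HasName")).Succeeded);
    }
}
```

The handler in the question never called Succeed() when context.Resource was not an AuthorizationFilterContext, which denies by default; that is the safe failure direction, but it is why the view check logged a failure for a user the controller had accepted.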