提供对 AuthorizeAttribute和AllowAnonymousAttribute特性的鉴权支持
Closed this issue · 0 comments
vipwan commented
[Authorize]
[Authorize(policy: "admin")]
[QuickApi("an-auth")]
[QuickApiSummary("使用特性标记需要登录", "使用特性标记需要登录")]
public class AuthorizationTestApi : BaseQuickApiWithoutRequest<ContentResponse>
{
public override Task<ContentResponse> ExecuteAsync(EmptyRequest request)
{
return Task.FromResult("登录成功的请求!".AsRspOfContent());
}
public override RouteHandlerBuilder HandlerBuilder(RouteHandlerBuilder builder)
{
builder.WithGroupName("admin");
return base.HandlerBuilder(builder);
}
}
[AllowAnonymous]
[QuickApi("an-anonymous")]
[QuickApiSummary("使用特性标记可以匿名", "使用特性标记可以匿名")]
public class AllowAnonymousTestApi : BaseQuickApiWithoutRequest<ContentResponse>
{
public override Task<ContentResponse> ExecuteAsync(EmptyRequest request)
{
return Task.FromResult("无效登录的请求!".AsRspOfContent());
}
public override RouteHandlerBuilder HandlerBuilder(RouteHandlerBuilder builder)
{
builder.WithGroupName("admin");
return base.HandlerBuilder(builder);
}
}
该方式等效于 :
public abstract class BaseAdminApi<Req, Rsp> : BaseQuickApi<Req, Rsp> where Req : BaseRequest<Req>, new() where Rsp : BaseResponse
{
public override Task<Rsp> ExecuteAsync(Req request)
{
throw new NotImplementedException();
}
public override RouteHandlerBuilder HandlerBuilder(RouteHandlerBuilder builder)
{
//需要Admin的Policy才能访问
builder.RequireAuthorization("admin");
return base.HandlerBuilder(builder);
}
}