基于策略的授权
可以定义一个 策略 并在 Startup.cs 或 Program.cs 中配置:
services.AddAuthorization(options =>
{
options.AddPolicy("RequireAdmin", policy =>
policy.RequireRole("Admin","Manager","SuperAdmin"));
});
然后在 Action 上应用:
[Authorize(Policy = "RequireAdmin")]
public IActionResult SecureAction()
{
return View();
}
浙公网安备 33010602011771号