[ActionAuthorize]
public class HomeController : Controller
{
private readonly ILogger<HomeController> _logger;
public HomeController(ILogger<HomeController> logger)
{
_logger = logger;
}
public IActionResult Index()
{
return View();
}
public IActionResult Index2(long userid)
{
return View();
}
public JsonResult GetCall()
{
return new JsonResult("test");
}
[AllowAnonymous]
public JsonResult GetCallNoAuth()
{
return new JsonResult("no auth");
}
public IActionResult AuthFail()
{
return View();
}
public IActionResult AccessFail()
{
return View();
}
public IActionResult Privacy()
{
return View();
}
[ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
public IActionResult Error()
{
return View(new ErrorViewModel { RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier });
}
}
public class ActionAuthorizeAttribute : AuthorizeAttribute, IAuthorizationFilter
{
private long _targetUserId = 1;
private string _notAllowedAction = "deny" ;
public void OnAuthorization(AuthorizationFilterContext filterContext)
{
var query = filterContext.HttpContext.Request.Query;
if (!query.ContainsKey("userid") || query["userid"].ToString() != _targetUserId.ToString())
{
filterContext.Result = new RedirectToActionResult("home", "AuthFail", null);
return;
}
var routes = filterContext.HttpContext.Request.RouteValues;
if (routes.ContainsKey(_notAllowedAction))
{
filterContext.Result = new RedirectToActionResult("home", "AccessFail", null);
return;
}
return;
}
}
