如何访问dbcontext&基于自定义策略的授权中的会话

本文介绍了如何访问dbcontext&基于自定义策略的授权中的会话的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

是否有可能我们可以访问dbcontext以在基于策略的自定义授权中获取我的表数据和会话?任何人都可以帮助实现它吗?

Is it possible that we can access dbcontext to get my table data and session in custom Policy-Based Authorization? Anyone can help how to achieve it?

services.AddAuthorization(options => { options.AddPolicy("CheckAuthorize", policy => policy.Requirements.Add(new CheckAuthorize())); }); services.AddSingleton<IAuthorizationHandler, CheckAuthorize>(); public class CheckAuthorize : AuthorizationHandler<CheckAuthorize>, IAuthorizationRequirement { protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, CheckAuthorize requirement) { if () //check session to verify user is logged in or not { //redirect to login page } else { if ()//access dbcontext get data from database table to validate user access { //redirect to access denied page } } throw new NotImplementedException(); } }

推荐答案

策略可以使用 DI

因此，假设您的数据库上下文位于DI中，您可以执行类似的操作

So, assuming your db context is in DI you could do something like

public class CheckAuthorizeHandler : AuthorizationHandler<CheckAuthorizeRequirement> { MyContext _context; public CheckAuthorizeHandler(MyContext context) { _context = context; } protected override Task HandleRequirementAsync( AuthorizationHandlerContext context, MyRequirement requirement) { // Do something with _context // Check if the requirement is fulfilled. return Task.CompletedTask; } }

请注意，在执行此操作时，您必须将需求设置为单独的类，而不能执行CheckAuthorize : AuthorizationHandler<CheckAuthorize>, IAuthorizationRequirement，因此必须执行

Note that when you do this you have to make your requirement a seperate class, you can't do CheckAuthorize : AuthorizationHandler<CheckAuthorize>, IAuthorizationRequirement, so you'd have to do

public CheckAuthorizeRequirement : IAuthorizationRequirement { }

最后，您需要在DI系统中注册您的处理程序

And finally you need to register your handler in the DI system

services.AddTransient<IAuthorizationHandler, CheckAuthorizeHandler>();