【发布时间】:2014-03-10 06:15:46
【问题描述】:
我已经在我的 asp.net web api 项目中覆盖了 IautheticationFIlter。这是我的课:
public class TokenAuthentication : Attribute, IAuthenticationFilter
{
private readonly string realm;
public bool AllowMultiple { get { return false; } }
public TokenAuthentication(string realm)
{
this.realm = "realm=" + realm;
}
public Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken)
{
var request = context.Request;
// Receive token from the client. Here is the example when token is in header:
var token = request.Headers.GetValues("Token").ElementAt(0);
...
}
return Task.FromResult(0);
}
public Task ChallengeAsync(HttpAuthenticationChallengeContext context, CancellationToken cancellationToken)
{
context.Result = new ResultWithChallenge(context.Result, realm);
return Task.FromResult(0);
}
}
现在我需要将我的登录控制器排除在身份验证之外:
目前,当我运行我的项目时,如果我放置 [Authorize]、[AllowAnonymous] 或根本没有过滤器,每个请求都会触发此代码。
这里是我添加过滤器的地方:
public static void RegisterHttpFilters(System.Web.Http.Filters.HttpFilterCollection filters)
{
filters.Add(new TokenAuthentication(""));
}
【问题讨论】:
标签: asp.net asp.net-web-api authorization action-filter