AuthorizeAttribute在Mvc 5应用程序中的Web Api控制器上不起作用 [英] AuthorizeAttribute not working on Web Api Controller in Mvc 5 application
问题描述
我有一个使用个人用户帐户作为身份验证的MVC 5应用程序.
I have an MVC 5 application that uses Individual User Accounts as authentication.
我将一个Web Api2空控制器添加到我的Controllers文件夹中,并执行发布操作.
I add an Web Api2 empty controller to my Controllers folder, and an post action.
[Authorize]
public class AttendancesController : ApiController
{
[HttpPost]
public IHttpActionResult Attend([FromBody]int Id)
{
我运行该应用程序,登录,然后使用Postman或Fidler发送发帖请求.我总是在应用程序的登录"页面上得到响应.
I run the application, i log in and then i use Postman or Fidler to send a post request. I always get response with the Login page of my application.
[Authorize]属性在我的api控制器上不起作用,但在mvc控制器上将起作用.为什么?
The [Authorize] attribute does not work on my api controller but will work on a mvc controller. Why?
推荐答案
WebApi和MVC过滤器不可互换.
WebApi and MVC filters aren't interchangeable.
请参阅这篇文章,其中说明了如何创建WebApi筛选器(尽管使用了IoC容器,您可以忽略): https://damienbod. com/2014/01/04/web-api-2-using-actionfilterattribute-overrideactionfiltersattribute-and-ioc-injection/
See this post which explains how to create WebApi filters (albeit with IoC containers which you can ignore): https://damienbod.com/2014/01/04/web-api-2-using-actionfilterattribute-overrideactionfiltersattribute-and-ioc-injection/
尤其是本段:
重要! Web API的筛选器与MVC的筛选器不同. Web API筛选器位于System.Web.Http.Filters命名空间中.
Important! Filters for Web API are not the same as filters for MVC. The Web API filters are found in the System.Web.Http.Filters namespace.
这篇关于AuthorizeAttribute在Mvc 5应用程序中的Web Api控制器上不起作用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!