将登录重定向到控制器操作 [英] Redirect Login to Controller Action
问题描述
从使用单个用户帐户的ASP.NET 5 Web应用程序模板开始,我已经设法获得使用Microsoft帐户的外部身份验证.当用户单击登录"时,他们将被重定向到AccountController中的ExternalLogin,就像这样
Starting with the ASP.NET 5 Web App Template using Individual User Accounts I have managed to get external authentication working with Microsoft accounts. When users click Login they are redirected to ExternalLogin in AccountController like this
<form asp-controller="Account" asp-action="ExternalLogin" method="post" asp-route-returnurl="@ViewData["ReturnUrl"]" class="nav navbar-right">
<button type="submit" class="btn btn-null nav navbar-nav navbar-right" name="provider" value="Microsoft" title="Log in"><span class="fa fa-sign-in"/> Log In</button>
</form>
这使他们使用他们的Microsoft帐户登录,并且看起来一切正常.但是,如何拦截直接访问特权操作[Authorize]
的直接尝试,以便将用户重定向到ExternalLogin?可以在Startup.cs中设置默认操作吗?
That gets them logged in using thier Microsoft account and all seems to work nicely. But how do I intercept direct attempts to access privileged actions [Authorize]
so that the user is redirected to ExternalLogin? Can a default action be set in Startup.cs?
编辑1 尝试遵循我在过滤器"文件夹中创建的CustomAutorizationFilter的@Yves建议.它不检查任何条件
EDIT 1 Attempting to follow the advice of @Yves I have created CustomAutorizationFilter in a Filters folder. It doesn't check for any conditions
public class CustomAutorizationFilter : IAuthorizationFilter
{
public void OnAuthorization(Microsoft.AspNet.Mvc.Filters.AuthorizationContext context)
{
//if (...) // Check you conditions here
//{
context.Result = new RedirectToActionResult("ExternalLogin", "Account", null);
//}
}
}
,并按如下所示编辑了ConfigureServices
and have edited ConfigureServices as below
services.AddMvc(config =>
{
config.Filters.Add(typeof(Filters.CustomAutorizationFilter));
});
当我在本地运行该应用程序时,它不再进入主页.它返回一个空白的http://localhost:52711/Account/ExternalLogin
When I run the app locally it no longer goes to the Home page. It returns a blank http://localhost:52711/Account/ExternalLogin
显然我有很多不明白的地方.
Obviously there is much I do not understand.
这是ExternalLogin
// POST: /Account/ExternalLogin
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public IActionResult ExternalLogin(string provider, string returnUrl = null)
这是ExternalLogin在ASP.Net 5 Web应用程序模板中立即可用的方式.
This is how ExternalLogin comes out of the box in the ASP.Net 5 Web App Template.
推荐答案
由于我无法按照@Yves的建议运行CustomAuthorizationFilter,因此我采用了讨厌的方法.我修改了AccountController Login如下
As I was unable to get CustomAuthorizationFilter working as suggested by @Yves I have resorted to a nasty hack. I have modified AccountController Login as below
// GET: /Account/Login
[HttpGet]
[AllowAnonymous]
public IActionResult Login(string returnUrl = null)
{
ViewData["ReturnUrl"] = returnUrl;
return RedirectToAction(nameof(ExternalLogin), new { provider = "Microsoft", returnUrl = returnUrl });
//return View();
}
这似乎可行,但是如果有更好的方法,我将不胜感激.
This seems to work but I'd appreciate any feedback or advice if there is a better way.
这篇关于将登录重定向到控制器操作的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
