c# - 何时调用 OnAuthorization 方法？

Question

我已经实现了自定义方法，使用户信息可用于视图，如下所示：

    protected override void OnAuthorization(AuthorizationContext filterContext)
    {
        if (HttpContext.User != null)
        {
            HttpCookie authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
            if (authCookie != null)
            {
                FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);
                JavaScriptSerializer serializer = new JavaScriptSerializer();
                AWESOMEUser user = serializer.Deserialize<AWESOMEUser>(authTicket.UserData);
                if (user == null)
                {
                    HttpContext.User = null;
                }
                else
                {
                    HttpContext.User = new PlatformUser(typeof(DBMembershipProvider).Name, user);
                }
            }
            else
            {
                HttpContext.User = null;
            }

        }
        base.OnAuthorization(filterContext);
}

问题是当数据库中的用户信息（尤其是权限）发生更改时，它不会反映在视图中。我是否应该在每次调用时都更新它，因为有更聪明的方法，即其他有助于自动更新用户信息的方法？

Answer 1

OnAuth 方法在进程请求授权时被调用。

你会在网上找到很多材料，在这里添加一些

http://blog.tomasjansson.com/securing-your-asp-net-mvc-3-application http://schotime.net/blog/index.php/2009/02/17/custom-authorization-with-aspnet -MVC/

http://patrickdesjardins.com/blog/make-all-actions-of-controller-securized-with-authorise-filter-implicit