我创建了一个策略,我需要检查我的处理程序中的数据,例如 userId 和 companyId ...
所以从名为用户的声明主体,我需要从中获取信息,请问我该怎么做
增加处理程序:
public class AddScreaningHandler : AuthorizationHandler<AddScreaning>
{
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, AddScreaning requirement)
{
var mvcContext = context.Resource as AuthorizationFilterContext;
// get user infos
var claims = context.User.Identities.First().Claims.ToList();
var userCompanyId = context.User.HasClaim(u => u.Type == "id");
throw new NotImplementedException();
}
}
}
这是我需要政策的地方:控制器:
[Authorize(Policy = "AddScreaningHandler")]
[HttpPost("newScreening")]
public async Task<ActionResult<Screening>> createScreen(CreateScreeningDto createScreeningDto)
{
Screening screening = new Screening { creationDate = DateTime.Now, reflowId=Guid.NewGuid().ToString(), companyId = createScreeningDto.companyId, finished = false, lastUpdate = DateTime.Now, name = "", state = "screening-setup" };
_context.Screenings.Add(screening);
await _context.SaveChangesAsync();
return Ok(screening);
}
这是启动文件:
services.AddAuthorization(options =>
{
options.AddPolicy("AddScreaningHandler", policy =>
policy.Requirements.Add(new AddScreaning()));
});
services.AddSingleton<IAuthorizationHandler, AddScreaningHandler>();
}
我需要专注于我的处理程序addscreaninghandler 并获取用户信息,我该怎么做。
这是调试结果: 在此处输入图像描述
