如何拒绝 asp.net 核心剃须刀页面中的匿名用户?
How to deny anonymous users in asp.net core razor pages?
我如何拒绝匿名用户访问 asp.net 核心中除登录页面之外的任何剃刀页面?
我试过了
services.AddMvc()
.AddRazorPagesOptions(options =>
{
options.RootDirectory = "/";
options.Conventions.AllowAnonymousToPage("/Account/Login");
options.Conventions.AuthorizeFolder("/");
})
.SetCompatibilityVersion(CompatibilityVersion.Latest);
在控制器中添加属性
[Authorize]
public class HomeController : Controller
然后在您要匿名访问的端点中
[AllowAnonymous]
public ViewResult Index()
{
return View();
}
或者您可以创建一个基本控制器class
[Authorize]
public class BaseController : Controller
{
...
}
那就继承吧
public class HomeController : BaseController
or as listed in this documentation
//sample code
services.AddMvc()
.AddRazorPagesOptions(options =>
{
options.Conventions.AuthorizePage("/Contact");
options.Conventions.AuthorizeFolder("/Private");
options.Conventions.AllowAnonymousToPage("/Private/PublicPage");
options.Conventions.AllowAnonymousToFolder("/Private/PublicPages");
})
also here, GlobalFilters
//listed answer
GlobalFilters.Filters.Add(new AuthorizeAttribute() { Roles = "Admin, SuperUser" });
对于 Razor Pages 2.x 应用程序,您需要做的就是将以下内容添加到您的 Configure 方法中,以防止未经授权的用户访问 Pages 文件夹或子文件夹中的任何页面:
services.AddMvc().AddRazorPagesOptions(options => {
options.Conventions.AuthorizeFolder("/");
});
如果您使用的是 .NET Core 3,以下将执行相同的操作:
services.AddRazorPages(options => {
options.Conventions.AuthorizeFolder("/");
});
未经授权的用户将被重定向到默认登录页面,该页面位于 Identity/Account/Login
我如何拒绝匿名用户访问 asp.net 核心中除登录页面之外的任何剃刀页面?
我试过了
services.AddMvc()
.AddRazorPagesOptions(options =>
{
options.RootDirectory = "/";
options.Conventions.AllowAnonymousToPage("/Account/Login");
options.Conventions.AuthorizeFolder("/");
})
.SetCompatibilityVersion(CompatibilityVersion.Latest);
在控制器中添加属性
[Authorize]
public class HomeController : Controller
然后在您要匿名访问的端点中
[AllowAnonymous]
public ViewResult Index()
{
return View();
}
或者您可以创建一个基本控制器class
[Authorize]
public class BaseController : Controller
{
...
}
那就继承吧
public class HomeController : BaseController
or as listed in this documentation
//sample code
services.AddMvc()
.AddRazorPagesOptions(options =>
{
options.Conventions.AuthorizePage("/Contact");
options.Conventions.AuthorizeFolder("/Private");
options.Conventions.AllowAnonymousToPage("/Private/PublicPage");
options.Conventions.AllowAnonymousToFolder("/Private/PublicPages");
})
also here, GlobalFilters
//listed answer
GlobalFilters.Filters.Add(new AuthorizeAttribute() { Roles = "Admin, SuperUser" });
对于 Razor Pages 2.x 应用程序,您需要做的就是将以下内容添加到您的 Configure 方法中,以防止未经授权的用户访问 Pages 文件夹或子文件夹中的任何页面:
services.AddMvc().AddRazorPagesOptions(options => {
options.Conventions.AuthorizeFolder("/");
});
如果您使用的是 .NET Core 3,以下将执行相同的操作:
services.AddRazorPages(options => {
options.Conventions.AuthorizeFolder("/");
});
未经授权的用户将被重定向到默认登录页面,该页面位于 Identity/Account/Login