我正在开发这个 Dotnet 核心 MVC/Razor Pages 应用程序,它应该阻止用户通过搜索栏访问某些控制器路由,除非他们在注册表单中指定它。我如何实现这一目标?dotnet core MVC 有这个关键字吗?我卡住了。显示注册的身份/帐户/注册的一些相关代码如下 [Required] [Display(Name = "Choose businesslisting or choice")] public string Decision { get; set; } } public void OnGet(string returnUrl = null) { ReturnUrl = returnUrl; } public async Task<IActionResult> OnPostAsync(string returnUrl = null) { returnUrl = returnUrl ?? Url.Content("~/"); if (ModelState.IsValid) { var user = new IdentityUser { UserName = Input.Email, Email = Input.Email }; var result = await _userManager.CreateAsync(user, Input.Password); if (Input.Decision == "Business Listing" || Input.Decision == "business listing") { if (result.Succeeded) { _logger.LogInformation("User created a new account with password."); var code = await _userManager.GenerateEmailConfirmationTokenAsync(user); var callbackUrl = Url.Page( "/Account/ConfirmEmail", pageHandler: null, values: new { userId = user.Id, code = code }, protocol: Request.Scheme); await _emailSender.SendEmailAsync(Input.Email, "Change your password", $"Please change your password by <a href='{HtmlEncoder.Default.Encode(callbackUrl)}'>clicking here</a>."); await _signInManager.SignInAsync(user, isPersistent: false); return LocalRedirect(returnUrl); }}
1 回答
侃侃尔雅
TA贡献1801条经验 获得超15个赞
我将从 ASP.NET Core 授权文档开始https://learn.microsoft.com/en-us/aspnet/core/security/authorization/introduction?view=aspnetcore-2.2
您可能会发现基于声明的身份验证在这种情况下很有用https://learn.microsoft.com/en-us/aspnet/core/security/authorization/claims?view=aspnetcore-2.2
创建用户后,您可以添加允许他们访问特定控制器/url 的特定声明。
- 1 回答
- 0 关注
- 64 浏览
添加回答
举报
0/150
提交
取消