asp.net mvc - Take controller attribute into account from an OWIN authentication middleware -


i in process of putting custom owin authentication middleware in order re-use our central authentication mechanism.

in order control access pages, using [authorize] , [allowanonymous] attributes on controllers.

even though understand the owin middleware , attribute @ different stages of page life cycle, wondering if there way notify middleware allowanonymous attribute present , there no need process request further.

typically, having middleware trigger authentication process (in case, implying go remote page - oauth2 type of authentication) issue when accessing entry page of site supposed accessible anonymously.

do know way accomplish that?

i know old, had same issue. in case haven't found answer, others come looking:

the thing remember middleware handle request before controller gets , response after. so, don't need access attributes directly, need results.

consider following:

namespace customauthapp.mvc {     public partial class startup     {         public void configureauth(iappbuilder app)         {             app.use(async (ctx, next) =>              {                 if (ctx.extensionmethodtocheckifaccesstokenexistsinrequestmaybeasacookie())                  {                     var ident = new claimsidentity("external");                     ctx.request.user = new claimsprincipal(ident);                 }                  await next();                  if (ctx.response.statuscode == 401)                 {                     var loginuri = string.format("{0}?returnurl={1}", "/account/login", ctx.request.path);                     ctx.response.redirect(loginuri);                 }             }         });     } }

we check if access token oauth service exists , if so, set claimsprincipal on request (which make bypass [authorized] attribute). after request handled await next() can check response status , set whatever redirects required.

obviously, extremely simple case , doesn't take things roles or claims account, should down road.


Comments

Post a Comment

Popular posts from this blog

apache - Remove .php and add trailing slash in url using htaccess not loading css -

i have add following code htaccess file removing .php extension , add trailing slash urls. worked fine reduced page loading speed , css code not loading @ all. pages ugly. please help rewriteengine on rewritebase / ## hide .php extension snippet # externally redirect /dir/foo.php /dir/foo rewritecond %{the_request} ^[a-z]{3,}\s([^.]+)\.php [nc] rewriterule ^ %1/ [r,l] # add trailing slash rewritecond %{request_filename} !-f rewritecond %{request_uri} !/$ rewriterule . %{request_uri}/ [l,r=301] # internally forward /dir/foo /dir/foo.php rewritecond %{request_filename} !-d rewritecond %{request_filename}.php -f rewriterule ^(.*?)/?$ $1.php [l] we can rewrite urls using .htaccess files. before writing in .htaccess files need verify kind of server using. can check server adding a <?php phpinfo(); ?> in php page. ensure mod_rewrite module enabled in apache server. can identified checking phpinfo included page. common methods used url rewriting follows ...
Read more

javascript - jQuery show full size image on click -

pretty self explanatory not workking . i want display full image when user click on image... yes know there tons of plugins but i want keep simple. any idea ? css : .full { display: none; width: 500px; height: 500px; margin-left: 100px; margin-top: -300px; position: fixed; background-color: #f00; z-index: 6; } .thumbnail { width: 50px; height: 50px; } html: <img class="thumbnail" src="http://4.bp.blogspot.com/-uhbdp2esxng/txneptvi92i/aaaaaaaaaky/upfqis7zto0/s1600/rihanna-wallpaper.jpg"> jquery: $(document).ready(function() { $('.thumbnail').on('click', function() { var img = $('<img />',{src:this.src,'class':'full'}); $('.full').html(img).show(); console.log('done!'); }); }); try looking how jquery works. $(document).ready(function() { $('.thumbnail').on('click', function(...
Read more