Skip to main content

Custom AuthorizeAttribute in ASP.NET Core.








Introduction.

Filter in MVC are attribute which can be apply to controller and action method. filters allow us to write our custom code before and after method execution.

filters can be implemented into different level of scope Global, Class, and Method level. MVC provides different types of filters.

The Authorization filter will run first and are used to determine whether the current user is authorized or unauthorized for the current request.

In this article we will learn how to create custom authorization filter, were you can write your own authorization framework.

Description.

For creating Authorization filter IAuthorizationFilter interface must be inherited. For example, the following code demonstrate custom Authorization


below CustomAuthorization attribute allow only Home controller to access the particular method under home controller class else it will return "error" in response if it is called via ajaxcall, otherwise it will be redirect to Session Expired page.



[AttributeUsage(AttributeTargets.Class)]
public sealed class CustomAuthorization: Attribute, IAuthorizationFilter {

 public void OnAuthorization(AuthorizationFilterContext filterContext) {
  var controllerInfo = filterContext.ActionDescriptor as ControllerActionDescriptor;
  if (filterContext != null) {
   string controllerName = controllerInfo.ControllerName;

   if (controllerName != "Home") {
    if (filterContext.HttpContext.Request.Headers["X-Requested-With"] == "XMLHttpRequest") {
     filterContext.Result = new JsonResult("") {
      Value = new {
       Status = "Error"
      },
     };
    } else {
     filterContext.Result = new RedirectToRouteResult(
      new RouteValueDictionary {
       {
        "Controller",
        "Home"
       }, {
        "Action",
        "SessionExpired"
       }
      });
    }
   }
  }
 }
}


You can write your own custom logic under OnAuthorization method, by inheriting Attribute it allow us to GetCustomAttributes() method that does not look at parent declarations. It only looks at attributes applied to the specified member.



For impletmentation of above filter you need to add below namespace into your class.

using Microsoft.AspNetCore.Mvc.Controllers;
using Microsoft.AspNetCore.Mvc.Filters;
using Microsoft.AspNetCore.Routing;


Below defines the attribute target if we need to target Class, method, Assembly or Interface.

[AttributeUsage(AttributeTargets.Class)]


Attribute over Controller :

[CustomAuthorization]
public class HomeController: Controller {
 public IActionResult Index() {

 }
 public IActionResult Contact() {

 }
}


by applying Custom Authorization only method under home controller can be accessible.



Comments

Post a comment

Popular posts from this blog

How to use Log4Net in .Net Core 2.0 Application.

1. Introduction Logging frameworks are important because they make it easy to write your logs to different places by simply changing your configuration. You can write your .NET logs to a file on disk, a database, a log management system 2. Install Nuget Package For nlog  To use Nlog logging you need to first add Nlog pluging for adding pluging you can do it by different way. 1) Manage Nuget Packages. 2) Nuget command. you can find nuget command for Log4Net below. PM> Install-Package log4net -Version 2.0.8 3. Add log4net.config file We need to Add New to your project with name log4net.config Refer below code for log4net.config for logging log into file. Root is neccesary in log4net.config, in which we can define log level and appender-ref in which we can define appender for eg. FileAppender, ConsoleAppender. Layout : In layout we can define custom parameter sh

Enabling FxCop Code Analysis on .NET Core

Enabling FxCop Code Analysis on .NET Core. Description :- Code Analysis is important Because it is helpful from many aspects like Code Quality, Code Correctness, Code maintainability will remain great code for long time. Step 1.  Install Nuget Package : Microsoft.CodeAnalysis.FxCopAnalyzers   Click Here  to install Nuget. Refer Below screen shot additional packages will be installed after installing. Step 2. File with name FxCop.ruleset will be created in solution when you try to change action by right clicking on rule in visual studio as shown below. where you can find list of rule to be configured. If you have multi layer Architecture and you want to use similar ruleset for all layers then move ruleset file at parent level of project and add reference of that ruleset file to each project were we need to add FxCop rules. Ruleset path can be set at csproj level as below. I have added CodeAnalysisRuleSet within PropertyGroup with relevant path of code analysis r