DynamicRoleBasedAuthorizationNETCore
[删除(380066935@qq.com或微信通知)]
Dynamic Role-Based Authorization in ASP.NET Core MVC 2.1, 3.1, 5.0 and 6.0
You already know how role-based authorization works in ASP.NET Core.
如果您不希望在属性上硬编码角色,或者以后创建角色并指定它可以访问的控制器和操作而无需接触源代码,该怎么办?Authorize
动态授权可帮助您以最少的工作量对用户进行授权,而无需对属性进行硬编码角色。动态授权构建在 ASP.NET 核心身份之上,使用身份机制来管理角色和授权用户。
[Authorize(Roles = "Administrator")]
public class AdministrationController : Controller
{
}
But what if you don't want hardcode roles on the Authorize attribute or create roles later and specify in which controller and action it has access without touching source code?
DynamicAuthorization helps you authorize users without hardcoding role(s) on the Authorize attribute with minimum effort. DynamicAuthorization is built at the top of ASP.NET Core Identity and uses identity mechanism for managing roles and authorizing users.
Install the DynamicAuthorization.Mvc.Core NuGet package
Install-Package DynamicAuthorization.Mvc.Core
or
dotnet add package DynamicAuthorization.Mvc.Core