0
我試圖用屬性映射做基本的身份驗證(AuthorizationFilterAttribute)使用我控制器[AuthenticationController]System.Threading.Thread.CurrentPrincipal在AuthorizationFilterAttribute
顯示 herepublic override void OnAuthorization(System.Web.Http.Controllers.HttpActionContext actionContext)
{
if (!_active)
return;
var identity = FetchHeader(actionContext);
if (identity == null)
{
ChallengeAuthRequestFilter(actionContext);
return;
}
var genericPrincipal = new GenericPrincipal(identity, null);
Thread.CurrentPrincipal = genericPrincipal;
var val = Thread.CurrentPrincipal.Identity.IsAuthenticated;
if (!OnAuthorizeUser(identity.Name, identity.Password, actionContext))
{
ChallengeAuthRequestFilter(actionContext);
return;
}
base.OnAuthorization(actionContext);
}
我使用這個屬性技術不設置
[ApiAuthenticationFilter(true)] //This is the attribute class
[RoutePrefix("api/Authentication")]
public class AuthenticateController : ApiController
{
private ITokenService _tokenService;
public AuthenticateController() { }
public AuthenticateController(ITokenService tokenService)
{
_tokenService = tokenService;
}
// GET api/<controller>
[Route("Login")]
[HttpGet]
public HttpResponseMessage Authenticate(User user)
{
if (System.Threading.Thread.CurrentPrincipal != null && System.Threading.Thread.CurrentPrincipal.Identity.IsAuthenticated)
{
BasicAuthenticationIdentity identity = Thread.CurrentPrincipal.Identity as BasicAuthenticationIdentity;
if (identity != null)
return GenerateToken(identity.UserId);
}
return null;
}
MyQuestion
即使我設置CurrentPrincipal到GenericPrincipal對象,並獲得IsAuthenticated屬性爲true:
var genericPrincipal = new GenericPrincipal(identity, null);
Thread.CurrentPrincipal = genericPrincipal;
,並用它在我的控制器來檢查這就是爲什麼我越來越來假
if (System.Threading.Thread.CurrentPrincipal != null && System.Threading.Thread.CurrentPrincipal.Identity.IsAuthenticated)
IsAuthenticated屬性當我在屬性類中得到它時,IsAuthenticated屬性在我的控制器中爲false。
請指導,我做錯了什麼。
謝謝。