我使用 JWT 令牌进行身份验证
services.AddAuthentication(options =>
{
options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(jwtOptions =>
{
jwtOptions.TokenValidationParameters = tokenValidationParameters;
});
在我的控制器中,该[Authorize]属性用于确保调用者需要经过身份验证。这很好用。
但是:如果未经授权的用户发出请求,他会收到 401 响应。我可以以某种方式“中断”此响应并记录未经授权的呼叫吗?
编辑
一个建议是添加一个“异常中间件”,我已经这样做了,但是未经授权的调用不会抛出异常......
services.AddMvc()
.AddMvcOptions(options =>
{
// Order is important! A request will run from top to bottom through each filter.
options.Filters.Add(typeof(MyExceptionFilterAttribute));
});
和属性:
public class MyExceptionFilterAttribute : ExceptionFilterAttribute
{
/// <summary>
/// ctor
/// </summary>
public MyExceptionFilterAttribute()
{
}
/// <summary>
///
/// </summary>
/// <param name="context"></param>
public override void OnException(ExceptionContext context)
{
ApplicationLogger.LogError("Bad request", context.Exception);
}
}
这个怎么样:
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILogger<Startup> logger)
{
// ...
app.Use(async (context, next) =>
{
await next();
if (context.Response.StatusCode == (int)System.Net.HttpStatusCode.Unauthorized)
{
logger.LogWarning("Unauthorized request");
}
});
app.UseAuthentication();
// ...
}
| 归档时间: |
|
| 查看次数: |
2733 次 |
| 最近记录: |