HelloWorld
HelloWorld

Reputation: 3759

How do I create a custom Authorize attribute that does not depend on claims in ASP.NET Core?

I want to create a custom AuthorizeAttribute that does the following:

Reading https://learn.microsoft.com/en-us/aspnet/core/security/authorization/iauthorizationpolicyprovider?view=aspnetcore-3.1 does not make things very clear in this particular case.

Reading How do you create a custom AuthorizeAttribute in ASP.NET Core? also does not make things clear as it depends on claims.

Upvotes: 1

Views: 749

Answers (1)

Voodoo
Voodoo

Reputation: 1658

You can simply create Authorization Filter

public class CustomAuthorizationFilter : IAuthorizationFilter
    {
        public void OnAuthorization(AuthorizationFilterContext context)
        {
            string id = context.HttpContext.Request.Query["id"]?.ToString();

            if (!string.IsNullOrEmpty(id))
            {
                // Authorization logic
            }
        }
    }

Upvotes: 3

Related Questions