tymur999
Reputation: 220
Add Requirements to Default [Authorize] policy
In ASP.Net Core there are custom policies that you can add to .AddAuthorization.
However, I need to add a requirement to the default policy because it will be used in every request. Is there a way I can do this without having to create a custom policy and always specifying it with [Authorize("Policy")]?
services.AddAuthorization(options =>
{
options.AddPolicy("Unexpired",
policy => policy.Requirements.Add(new <requirement>));
...
Is there a way to make this policy part of the default?
Upvotes: 1
Views: 3360
Answers (1)
Xerillio
Reputation: 5261
In ASP.NET Core 5, it's probably the option's DefaultPolicy you're looking for:
var unexpiredPolicy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser() // Remove if you don't need the user to be authenticated
.AddRequirements(new MyRequirement())
.Build();
services.AddSingleton<IAuthorizationHandler, MyRequirementHandler>();
services.AddAuthorization(options =>
{
// This line can be omitted if you don't need to be
// able to explicitly set the policy
options.AddPolicy("Unexpired", unexpiredPolicy);
// If no policy specified, use this
options.DefaultPolicy = unexpiredPolicy;
});
Upvotes: 2
Related Questions
- ASPNET Core identify which Requirement Policy failed
- Authorization Requirement Handler Using DI
- Asp.Net Core policies is running all requirements even if first ones are not succeeded
- Override authorization policy in ASP.NET Core 3
- Seting a Default Authorization Policy on multiple policies scenario
- How to modify default Authorize attribute in ASP.NET Core?
- Require all policies by default in Api Controllers
- Authorize against a list of policies
- How do you create a custom Policy AuthorizeAttribute in ASP.NET Core?
- Custom Policy for Authorization