带有数据库检查的Blazor WASM自定义授权
我有一个大型WASM SaaS项目。
该项目有一个前端普通网站,不需要身份验证。我为这些页面创建了一个自定义布局。
我遇到的问题是应用程序的后端SaaS部分。
在我的mainlayout.razor中,我将其设置为这样。
<AuthorizeView>
<Authorized>
@Body
</Authorized>
<NotAuthorized>
..redirect user to homepage code
</NotAuthorized>
</AuthorizeView>
我需要更高级的授权类型,该授权每次检查数据库值。
尝试访问受保护的页面时,请参见以下方案。
如果帐户是通过数据库中的值禁用的。应将用户路由到索引。
如果新用户尚未验证其帐户。它们应将其路由到Validate_Access_Code.Razor。
我已经阅读了有关政策基础授权的Microsoft文档,但我没有看到如何执行此操作。另外,在授权视图中,您只会获得授权或未经授权。当一个帐户仍然需要验证时,这些标签都不完全适合这种情况。
我花了很多时间尝试在没有黑客解决方案的情况下正确执行此操作,但不幸的是我被困。
如果有人知道这个答案,或者可以将我指向正确的方向,那将不胜感激。
I have a Blazor Wasm SaaS project.
The project has a front end normal website that no authentication is needed. I have created a custom layout for these pages.
The problem I am having is the back end SaaS part of the application with the protected pages.
In my MainLayout.razor I have it set like this.
<AuthorizeView>
<Authorized>
@Body
</Authorized>
<NotAuthorized>
..redirect user to homepage code
</NotAuthorized>
</AuthorizeView>
I need need a more advanced type of authorization which checks database values each time.
When trying to access a protected page here are the following scenarios.
If the account is disabled by a value in the database. The user should be routed to index.razor.
If a new user hasn't validated their account. They should be routed to the validate_access_code.razor.
I've read the Microsoft docs about policy base authorization but I am not seeing how to do this. Also in AuthorizeView you only get Authorized or NotAuthorized. When an account still needs to be validated neither one of those tags exactly fit that situation.
I've spent many hours trying to do this correctly without a hack solution but unfortunately I'm stuck.
If someone knows the answer to this or could point me in the correct direction it would be much appreciated.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论