DataWeb
Search Results for

    Show / Hide Table of Contents

    Class DataWebAuthorizeAttribute.DataWebAuthorizeFilter

    Authorization filter created by DataWebAuthorizeAttribute via TypeFilterAttribute. Enforces two checks:

    1. The user must be authenticated (IsAuthenticated).
    2. The user must be a DataWeb user (IsDataWeb).
    Inheritance
    object
    DataWebAuthorizeAttribute.DataWebAuthorizeFilter
    Implements
    IAuthorizationFilter
    IFilterMetadata
    Inherited Members
    object.Equals(object)
    object.Equals(object, object)
    object.GetHashCode()
    object.GetType()
    object.MemberwiseClone()
    object.ReferenceEquals(object, object)
    object.ToString()
    Namespace: DataWeb.Filter
    Assembly: DataWeb.Core.dll
    Syntax
    public class DataWebAuthorizeAttribute.DataWebAuthorizeFilter : IAuthorizationFilter, IFilterMetadata

    Constructors

    DataWebAuthorizeFilter(ResponseMode, IUser)

    Authorization filter created by DataWebAuthorizeAttribute via TypeFilterAttribute. Enforces two checks:

    1. The user must be authenticated (IsAuthenticated).
    2. The user must be a DataWeb user (IsDataWeb).
    Declaration
    public DataWebAuthorizeFilter(DataWebAuthorizeAttribute.ResponseMode responseMode, IUser user)
    Parameters
    Type Name Description
    DataWebAuthorizeAttribute.ResponseMode responseMode

    The DataWebAuthorizeAttribute.ResponseMode to apply when authorization fails.

    IUser user

    The current user, injected by the DI container.

    Methods

    OnAuthorization(AuthorizationFilterContext)

    Evaluates authorization for the current request. Sets Result to abort the pipeline when the user is not authenticated or does not have the IsDataWeb flag.

    Declaration
    public void OnAuthorization(AuthorizationFilterContext context)
    Parameters
    Type Name Description
    AuthorizationFilterContext context

    The AuthorizationFilterContext for the current request.

    Remarks

    When Redirect is active, the current relative URL (path + query) is forwarded as the returnurl parameter. GetEncodedPathAndQuery(HttpRequest) returns only the relative path, so there is no risk of open redirect to external domains.

    Implements

    IAuthorizationFilter
    IFilterMetadata
    In this article
    Back to top Generated by DocFX