AuthorizeAttribute requires you to override the OnAuthorization method and IAuthorizationFilter requires you to implement an OnAuthorization method. Seems like the same thing to me, are there any other differences? Why would one be used over the other?
EDIT: To clarify, I'm trying to understand what the difference is between the following 2 pieces of code.
public class PasswordExpirationCheckAttribute : AuthorizeAttribute
{
private int _maxPasswordAgeInDays;
public PasswordExpirationCheckAttribute(int maxPasswordAgeInDays)
{
_maxPasswordAgeInDays = maxPasswordAgeInDays;
}
public override void OnAuthorization(AuthorizationContext filterContext)
{
if (!filterContext.ActionDescriptor.GetCustomAttributes(typeof(BypassPasswordExpirationCheckAttribute), true).Any())
{
IPrincipal userPrincipal = filterContext.RequestContext.HttpContext.User;
if (userPrincipal != null && userPrincipal.Identity.IsAuthenticated)
{
var userStore = new ApplicationUserStore(new IdentityDb());
var userManager = new ApplicationUserManager(userStore);
var user = userManager.FindByNameAsync(filterContext.RequestContext.HttpContext.User.Identity.Name).Result;
if (user != null)
{
var timeSpan = DateTime.Today.Date - user.LastPasswordChangedDate.Date;
if (timeSpan.TotalDays >= _maxPasswordAgeInDays)
{
HttpContextBase httpContextBase = new HttpContextWrapper(HttpContext.Current);
RequestContext requestContext = new RequestContext(httpContextBase, new RouteData());
UrlHelper urlHelper = new UrlHelper(requestContext);
filterContext.HttpContext.Response.Redirect(urlHelper.Action("ChangePassword", "Manage"));
}
}
}
}
base.OnAuthorization(filterContext);
}
}
and...
public class PasswordExpirationCheckAttribute : IAuthorizationFilter
{
private int _maxPasswordAgeInDays;
public PasswordExpirationCheckAttribute(int maxPasswordAgeInDays)
{
_maxPasswordAgeInDays = maxPasswordAgeInDays;
}
public void OnAuthorization(AuthorizationContext filterContext)
{
if (!filterContext.ActionDescriptor.GetCustomAttributes(typeof(BypassPasswordExpirationCheckAttribute), true).Any())
{
IPrincipal userPrincipal = filterContext.RequestContext.HttpContext.User;
if (userPrincipal != null && userPrincipal.Identity.IsAuthenticated)
{
var userStore = new ApplicationUserStore(new IdentityDb());
var userManager = new ApplicationUserManager(userStore);
var user = userManager.FindByNameAsync(filterContext.RequestContext.HttpContext.User.Identity.Name).Result;
if (user != null)
{
var timeSpan = DateTime.Today.Date - user.LastPasswordChangedDate.Date;
if (timeSpan.TotalDays >= _maxPasswordAgeInDays)
{
HttpContextBase httpContextBase = new HttpContextWrapper(HttpContext.Current);
RequestContext requestContext = new RequestContext(httpContextBase, new RouteData());
UrlHelper urlHelper = new UrlHelper(requestContext);
filterContext.HttpContext.Response.Redirect(urlHelper.Action("ChangePassword", "Manage"));
}
}
}
}
return;
}
}
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 我命由我不由天 的文章《What is the difference between using AuthorizeAttr》','https://www.manongdao.com/article-758954.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}