上篇博客,当没有权限的用户访问一些资源时,返回的是403错误,403对于用户来说是一个莫名其妙的数字,我们当然要处理成友好的提示。
关于错误处理,翻看了一下Nancy的源码,是这样处理的,见下面地址:
https://github.com/NancyFx/Nancy/blob/master/src/Nancy/ErrorHandling/DefaultStatusCodeHandler.cs
其实Nancy是允许我们采用相同的办法处理,现在把DefaultStatusCodeHandler.cs的源码复制下来,改成我们自己的CustomStatusCode.cs如下,关于详细说明,参考Nancy源码DefaultStatusCodeHandler.cs。
using Nancy; using Nancy.ErrorHandling; using Nancy.ViewEngines; using System.Collections.Generic; using System.IO; using System.Linq; using System.Text; using Nancy.Responses.Negotiation; using Nancy.Extensions; using Nancy.IO; namespace NancySelfHostWeb { public class CustomStatusCode: IStatusCodeHandler { private const string DisableErrorTracesTrueMessage = "Error details are currently disabled. Please set <code>StaticConfiguration.DisableErrorTraces = false;</code> to enable."; private readonly IDictionary<HttpStatusCode, string> errorMessages; private readonly IDictionary<HttpStatusCode, string> errorPages; private readonly IResponseNegotiator responseNegotiator; private readonly HttpStatusCode[] supportedStatusCodes = { HttpStatusCode.Forbidden, HttpStatusCode.NotFound}; public CustomStatusCode(IResponseNegotiator responseNegotiator) { this.errorMessages = new Dictionary<HttpStatusCode, string> { { HttpStatusCode.Forbidden, "查看是否有授权!" }, { HttpStatusCode.NotFound, "找不到你要的资源!" } }; this.errorPages = new Dictionary<HttpStatusCode, string> { { HttpStatusCode.Forbidden, LoadResource("NancySelfHostWeb.403.html") }, { HttpStatusCode.NotFound, LoadResource("NancySelfHostWeb.404.html") } }; this.responseNegotiator = responseNegotiator; } public bool HandlesStatusCode(HttpStatusCode statusCode, NancyContext context) { return this.supportedStatusCodes.Any(s => s == statusCode); } public void Handle(HttpStatusCode statusCode, NancyContext context) { if (context.Response != null && context.Response.Contents != null && !ReferenceEquals(context.Response.Contents, Response.NoBody)) { return; } if (!this.errorMessages.ContainsKey(statusCode) || !this.errorPages.ContainsKey(statusCode)) { return; } Response existingResponse = null; if (context.Response != null) { existingResponse = context.Response; } context.NegotiationContext = new NegotiationContext(); var result = new DefaultStatusCodeHandlerResult(statusCode, this.errorMessages[statusCode], StaticConfiguration.DisableErrorTraces ? DisableErrorTracesTrueMessage : context.GetExceptionDetails()); try { context.Response = this.responseNegotiator.NegotiateResponse(result, context); context.Response.StatusCode = statusCode; if (existingResponse != null) { context.Response.ReasonPhrase = existingResponse.ReasonPhrase; } return; } catch (ViewNotFoundException) { } this.ModifyResponse(statusCode, context, result); } private void ModifyResponse(HttpStatusCode statusCode, NancyContext context, DefaultStatusCodeHandlerResult result) { if (context.Response == null) { context.Response = new Response { StatusCode = statusCode }; } var contents = this.errorPages[statusCode]; if (!string.IsNullOrEmpty(contents)) { contents = contents.Replace("[DETAILS]", result.Details); } context.Response.ContentType = "text/html"; context.Response.Contents = s => { using (var writer = new StreamWriter(new UnclosableStreamWrapper(s), Encoding.UTF8)) { writer.Write(contents); } }; } private static string LoadResource(string filename) { // 获取当前资源文件 var resourceStream = typeof(CustomStatusCode).Assembly.GetManifestResourceStream(string.Format("{0}", filename)); if (resourceStream == null) { return string.Empty; } using (var reader = new StreamReader(resourceStream)) { return reader.ReadToEnd(); } } internal class DefaultStatusCodeHandlerResult { public DefaultStatusCodeHandlerResult(HttpStatusCode statusCode, string message, string details) { this.StatusCode = statusCode; this.Message = message; this.Details = details; } public HttpStatusCode StatusCode { get; private set; } public string Message { get; private set; } public string Details { get; private set; } } } }
这样还可以把Nancy内置的500,404错误改成我们自定义的显示。
有时觉得这样太麻烦,可以自大在Module中去判断登录用户是否具有角色,代码如下
using Nancy; using Nancy.Security; using System.Linq; namespace TestSelfHostWeb.Modules { public class IndexModule : NancyModule { public IndexModule() { //开启全局验证 this.RequiresAuthentication(); Get["/"] = parameters => { //开启角色验证,只有该角色可以访问本路由 //this.RequiresClaims("admin"); //自己判断登录角色具有权限 if (!this.Context.CurrentUser.Claims.Contains("admin")) { return View["error"];//定义一个错误页面error.cshtml即可 } return View["index"]; }; } } }
免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。