This series is a collection of knowledge about ASP .NET Core. It just is my notes.
Part 10: Make an HTTP Request.
Part 12: Authentication and Authorization.
There is how to use static files in Asp .net core:
- Serve file in wwwroot:
app.UseStaticFiles();
- Serve file outside wwwroot:
// using Microsoft.Extensions.FileProviders;
// using System.IO;
app.UseStaticFiles(new StaticFileOptions
{
FileProvider = new PhysicalFileProvider(
Path.Combine(env.ContentRootPath, "MyStaticFiles")),
RequestPath = "/StaticFiles"
});
- Static file authorization
- Actually, UseStaticFiles middleware is called before UseAuthorization. Most apps follow this pattern => No authorization when static file served.
- If you want authentication before serving a static file, should do:
- Store them outside of wwwroot.
- Call UseStaticFiles, specifying a path, after calling UseAuthorization.
- Set the fallback authorization policy.
// Configure method
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseStaticFiles(new StaticFileOptions
{
FileProvider = new PhysicalFileProvider(
Path.Combine(env.ContentRootPath, "MyStaticFiles")),
RequestPath = "/StaticFiles"
});
AND: // ConfigureService method
services.AddAuthorization(options =>
{
options.FallbackPolicy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
});
- Direct browsing
- Fileserver configuration
References:
0 nhận xét:
Đăng nhận xét