![WebAPI中controller添加[AllowAnonymous]无效的解决方法](https://image.shishitao.com:8440/aHR0cHM6Ly9ia3FzaW1nLmlrYWZhbi5jb20vdXBsb2FkL2NoYXRncHQtcy5wbmc%2FIQ%3D%3D.png?!?w=700&webp=1 "WebAPI中controller添加[AllowAnonymous]无效的解决方法")
对于Methods添加[AllowAnonymous]可以进行匿名访问,但是对于Controller添加时无效
public class AuthAttribute : AuthorizationFilterAttribute
{
public override void OnAuthorization(HttpActionContext actionContext)
{
//如果用户方位的Action带有AllowAnonymousAttribute,则不进行授权验证,但是controller中无效
//if (actionContext.ActionDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Any())
//{
// return;
//}
//分别验证在method和controller中的AllowAnonymousAttribute属性
if (((ReflectedHttpActionDescriptor)actionContext.ActionDescriptor).MethodInfo.IsDefined(typeof(AllowAnonymousAttribute), true)
||actionContext.ActionDescriptor.ControllerDescriptor.ControllerType.IsDefined(typeof(AllowAnonymousAttribute), true))
{
return;
}
//token验证
...
}
}