asp.net-mvc-5 – 使用FormsAuthenticationTicket的MVC Identity
我正在用自定义版本替换(HttpContext.Current.User)IPrincipal,以便我可以存储更多信息登录和用户.我在使用FormsAuthtenticationTicket之前已完成此操作,但其他方式基于Memberhipship和SimpleMembership提供程序.
我的问题是,我可以使用FormsAuthenticationTicket存储我的ICustomPrincipal的cookie,它会干扰或破坏OWIN Identity Pipline吗?我觉得我会混合苹果和橘子. 示例保存: var user = userRepository.Users.Where(u => u.Email == viewModel.Email).First(); CustomPrincipalSerializeModel serializeModel = new CustomPrincipalSerializeModel(); serializeModel.UserId = user.Id; serializeModel.FirstName = user.FirstName; serializeModel.LastName = user.LastName; JavaScriptSerializer serializer = new JavaScriptSerializer(); string userData = serializer.Serialize(serializeModel); FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket( 1,viewModel.Email,DateTime.Now,DateTime.Now.AddMinutes(15),false,userData); string encTicket = FormsAuthentication.Encrypt(authTicket); HttpCookie faCookie = new HttpCookie(FormsAuthentication.FormsCookieName,encTicket); Response.Cookies.Add(faCookie); 示例检索: protected void Application_PostAuthenticateRequest(Object sender,EventArgs e) { HttpCookie authCookie = Request.Cookies[FormsAuthentication.FormsCookieName]; if (authCookie != null) { FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value); JavaScriptSerializer serializer = new JavaScriptSerializer(); CustomPrincipalSerializeModel serializeModel = serializer.Deserialize<CustomPrincipalSerializeModel>(authTicket.UserData); CustomPrincipal newUser = new CustomPrincipal(authTicket.Name); newUser.UserId = serializeModel.UserId; newUser.FirstName = serializeModel.FirstName; newUser.LastName = serializeModel.LastName; HttpContext.Current.User = newUser; } } 编辑 public ClaimsIdentity CreateIdentity( LoginAttempt loginAttempt) { UserProfile userProfile = GetUserProfile(loginAttempt.UserName); var applicationUser = FindById(userProfile.AspNetUserId); ClaimsIdentity identity; try { identity = UserManager.CreateIdentity(applicationUser,DefaultAuthenticationTypes.ApplicationCookie); } catch (Exception ex) { _log.Error(ex.Message,ex); return null; } //UserManager.GetClaims() identity.AddClaim(new Claim("LoginAttemptId",loginAttempt.LoginAttemptId.ToString(),ClaimValueTypes.String)); identity.AddClaim(new Claim("UserProfileId",loginAttempt.UserProfileId.ToString(),ClaimValueTypes.String)); identity.AddClaim(new Claim("SubscriptionType",userProfile.SubscriptionType,ClaimValueTypes.String)); IList<string> roles= UserManager.GetRoles(applicationUser.Id); identity.AddClaim(new Claim(ClaimTypes.Role,roles.First())); return identity; } 这用于提取 public static long GetLoginAttemptId(this IIdentity principal) { var claimsPrincipal = principal as ClaimsIdentity; if (claimsPrincipal == null) { //throw new Exception("User is not logged in!"); return -1; } var nameClaim = claimsPrincipal.Claims.FirstOrDefault(c => c.Type == "LoginAttemptId"); if (nameClaim != null) { return Convert.ToInt64( nameClaim.Value);// as long; } return -1; } 编辑 解决方法
声称具有完全相同的目的.实际上只有新的API才是这样的.
声明基本上是一个字典< String,String>它存储在auth-cookie中,可通过IPrincipal获得.但是你不需要做ICustomPrincipal,因为你在IPrincipal背后的实际对象是ClaimsPrincipal并且有一个声明列表. 您只需在登录前向Idnentity对象添加额外信息: public async override Task CreateIdentityAsync(ApplicationUser applicationUser) { var identity = await base.CreateIdentityAsync(applicationUser,DefaultAuthenticationTypes.ApplicationCookie); identity.AddClaim(new Claim("MyApp:FullName",applicationUser.FullName)); return identity; } 然后你就可以通过扩展从IPrincipal获取这些数据了: public static String GetFullName(this IPrincipal principal) { var claimsPrincipal = principal as ClaimsPrincipal; if (claimsPrincipal == null) { throw new Exception("User is not logged in!"); } var nameClaim = principal.Claims.FirstOrDefault(c => c.Type == "MyApp:FullName"); if (nameClaim != null) { return nameClaim.Value; } return String.Empty; } 我已经在一些项目中成功使用了这种方法.有关更多代码示例,请参见other similar answers. (编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |
- 在(asp.net wcf)Web应用程序中存储文件的最佳方法是什么
- ASP.Net MVC 引用动态 js 脚本
- ASP.NET WebApi OAuth2身份认证,搭建客户端(二)
- asp.net-mvc – 部署的ASP.NET MVC 4项目不会运行
- asp.net-mvc-2 – 如何在ASP.NET MVC 2.0中的视图外创建Htm
- 如何在实时服务器上调试asp.net应用程序
- asp.net-mvc-3 – ASP.NET MVC – 带有HtmlString的Ajax.Ac
- asp.net-mvc – 尝试创建类型为’TypeNewsController’的控
- asp.net – MVP MVC和MVVM之间的区别
- asp.net – 在使用“EF-Code First”时如何定义Keys?
- asp.net-mvc – 视图中的条件语句是坏消息吗?
- 如何在ASP.NET中列出Windows用户和组?
- asp.net-mvc – ASP.NET MVC – 使用Moq框架对Re
- asp.net – 如何从代码隐藏中清除所有表单字段?
- asp.net-mvc – jQuery $.get调用Controller中的
- asp.net-mvc-3 – 如何在Asp.Net Mvc 3中显示自定
- asp.net-mvc-3 – 如何在ASP.NET MVC中为登录用户
- 什么是在ASP.NET网站中嵌入视频的有效选项?
- asp.net – System.Data.OleDb.OleDbException:
- 在Asp.net Gridview中显示多列中的行