带有 [Authorize] 特性的控制器返回未经授权的错误,但带有 [Authorize(Roles = "Administrator")] 的控制器工作正常



使用下面的登录方法和 startup.cs 时,带有 [Authorize(Roles = "Administrator")] 特性的控制器工作正常,但只要求用户通过身份验证、而不关心其角色的控制器却返回"状态代码:401 未经授权"。

登录方法:

    /// <summary>
    /// Signs out whatever is currently signed in under
    /// <see cref="IdentityConstants.ApplicationScheme"/>, then signs <paramref name="user"/> in
    /// under the same scheme with one name claim (the user's id) and one role claim per
    /// entry returned by <c>user.GetRoles()</c>.
    /// </summary>
    /// <param name="user">User whose id and roles become the claims of the new principal.</param>
    /// <param name="domain">Not read anywhere in this method body.</param>
    /// <param name="remember">Copied to <c>AuthenticationProperties.IsPersistent</c>.</param>
    /// <param name="timeout">Added to the current UTC time to produce <c>ExpiresUtc</c>.</param>
    // NOTE(review): `async void` means the caller cannot await the sign-in or observe an
    // exception thrown by it; returning Task would fix that, but confirm first whether this
    // signature is dictated by an interface or by existing callers.
    public async void LogOn(IUser user, string domain, bool remember, TimeSpan timeout)
    {
        // HttpContext of the current request, obtained through the project's accessor helper.
        var context = AccessorsHelper.HttpContextAccessor.HttpContext;
        await context.SignOutAsync(IdentityConstants.ApplicationScheme);
        var claims = new List<Claim>
        {
            new Claim(ClaimsIdentity.DefaultNameClaimType, user.GetId().ToString())
        };
        claims.AddRange(user.GetRoles().Select(role => new Claim(ClaimsIdentity.DefaultRoleClaimType, role)));
        // NOTE(review): the ClaimsIdentity below is built without an authenticationType, so its
        // IsAuthenticated property is false. That matches the 401 this page reports for a plain
        // [Authorize], which requires an authenticated identity. The role check presumably still
        // passes because it only looks for the role claims, so [Authorize(Roles = ...)] succeeding
        // is not evidence that the principal counts as authenticated.
        await context.SignInAsync(IdentityConstants.ApplicationScheme,
            new ClaimsPrincipal(new ClaimsIdentity(claims)),
            new AuthenticationProperties
            {
                IsPersistent = remember,
                ExpiresUtc = DateTimeOffset.UtcNow.Add(timeout)
            });
    }

startup.cs:

/// <summary>
/// Application bootstrap: registers services (MVC, Razor view locations, Identity stores,
/// authentication) and builds the HTTP request pipeline.
/// </summary>
public class Startup
{
    /// <summary>
    /// Called by the runtime to add services to the container.
    /// See https://go.microsoft.com/fwlink/?LinkID=398940 for how to configure the application.
    /// </summary>
    /// <param name="services">Service collection the registrations are added to.</param>
    public void ConfigureServices(IServiceCollection services)
    {
        services.InjectOliveDependencies();

        // MVC with the Olive model binder placed first in the provider list.
        var mvcBuilder = services
            .AddMvc(mvcOptions => mvcOptions.ModelBinderProviders.Insert(0, new Olive.Mvc.OliveBinderProvider()))
            .ConfigureApplicationPartManager(partManager =>
            {
                // Replace the registered MetadataReferenceFeatureProvider with the project's own.
                // First() throws if no such provider is registered.
                var stockProvider = partManager.FeatureProviders.First(provider => provider is MetadataReferenceFeatureProvider);
                partManager.FeatureProviders.Remove(stockProvider);
                partManager.FeatureProviders.Add(new ReferencesMetadataReferenceFeatureProvider());
            });

        services.Configure<RazorViewEngineOptions>(razorOptions =>
            razorOptions.ViewLocationExpanders.Add(new ViewLocationExpander()));

        // Identity is backed by the project's own user and role stores, registered as singletons.
        services.AddSingleton<IUserStore<User>, UserStore>();
        services.AddSingleton<IRoleStore<string>, RoleStore>();
        services.AddIdentity<User, string>();

        // The Identity application scheme is passed as the default authentication scheme;
        // it is the same scheme the login method signs in and out with.
        services.AddAuthentication(IdentityConstants.ApplicationScheme);
    }

    /// <summary>
    /// Called by the runtime to configure the HTTP request pipeline.
    /// </summary>
    /// <param name="app">Pipeline builder the middleware is added to.</param>
    /// <param name="env">Hosting environment; selects the error-handling middleware.</param>
    public void Configure(IApplicationBuilder app, IHostingEnvironment env)
    {
        app.ConfigureOliveDependencies(env);

        if (!env.IsDevelopment())
        {
            app.UseExceptionHandler("/Home/Error");
        }
        else
        {
            // Detailed exception pages and Browser Link are enabled in Development only.
            app.UseDeveloperExceptionPage();
            app.UseBrowserLink();
        }

        // Authentication is added ahead of static files and MVC.
        app.UseAuthentication();
        app.UseStaticFiles();

        // No conventional route is mapped in this callback.
        app.UseMvc(routeBuilder => { });
    }
}

此外,我使用的是 ASP.NET Core 2.0。

只需对登录方法做一个小改动。

    /// <summary>
    /// Signs out whatever is currently signed in under
    /// <see cref="IdentityConstants.ApplicationScheme"/>, then signs <paramref name="user"/> in
    /// under the same scheme with one name claim (the user's id) and one role claim per
    /// entry returned by <c>user.GetRoles()</c>. The identity is created with an explicit
    /// authentication type.
    /// </summary>
    /// <param name="user">User whose id and roles become the claims of the new principal.</param>
    /// <param name="domain">Not read anywhere in this method body.</param>
    /// <param name="remember">Copied to <c>AuthenticationProperties.IsPersistent</c>.</param>
    /// <param name="timeout">Added to the current UTC time to produce <c>ExpiresUtc</c>.</param>
    // NOTE(review): `async void` means the caller cannot await the sign-in or observe an
    // exception thrown by it; returning Task would fix that, but confirm first whether this
    // signature is dictated by an interface or by existing callers.
    public async void LogOn(IUser user, string domain, bool remember, TimeSpan timeout)
    {
        // HttpContext of the current request, obtained through the project's accessor helper.
        var context = AccessorsHelper.HttpContextAccessor.HttpContext;
        await context.SignOutAsync(IdentityConstants.ApplicationScheme);
        var claims = new List<Claim>
        {
            new Claim(ClaimsIdentity.DefaultNameClaimType, user.GetId().ToString())
        };
        claims.AddRange(user.GetRoles().Select(role => new Claim(ClaimsIdentity.DefaultRoleClaimType, role)));
        // The second ClaimsIdentity argument is the authentication type. ClaimsIdentity reports
        // IsAuthenticated == true only when that value is non-empty, and a plain [Authorize]
        // requires an authenticated identity.
        // NOTE(review): the literal used here is an arbitrary label; a meaningful value such as
        // the scheme name would make AuthenticationType useful to later checks. Confirm before changing.
        await context.SignInAsync(IdentityConstants.ApplicationScheme,
            new ClaimsPrincipal(new ClaimsIdentity(claims, "AuthenticationType")), // any non-empty authentication type marks the identity as authenticated
            new AuthenticationProperties
            {
                IsPersistent = remember,
                ExpiresUtc = DateTimeOffset.UtcNow.Add(timeout)
            });
    }

请查看改动处带注释的那一行。
