小贝子编程

ASP MVC 5-扩展身份2.0



我有以下ApplicationUser类,是否可以通过执行以下操作来添加索赔或扩展身份,以便我可以检查用户是否在项目组中:User.Identity.IsInProjectGroup(1)

目前,我必须继续进入数据库才能获取用户,然后调用IsInProjectGroup方法。

public class ApplicationUser : IdentityUser
{
    public ApplicationUser()
    {
        Id = Guid.NewGuid().ToString();
        Groups = new Collection<Group>();
    } 
    public string FirstName { get; set; }
    public ICollection<Group> Groups { get; set; }
    public bool IsInProjectGroup(int projectId)
    {
        return Groups.Any(g => g.Projects.Select(x => x.Id).Contains(projectId));
    }
    public async Task<ClaimsIdentity> GenerateUserIdentityAsync(UserManager<ApplicationUser> manager)
    {
       var userIdentity = await manager.CreateIdentityAsync(this, DefaultAuthenticationTypes.ApplicationCookie);
       // how do you add claim???
       userIdentity.AddClaim(new Claim("Group", ???));
       return userIdentity;
     }
 }

有没有办法添加索赔来调用方法,或者有其他方法可以实现这一目标?

我正在考虑以下扩展名,但不确定我如何在ApplicationUser类中添加这样的主张以及如何在下面的扩展方法中检查索赔:

namespace App.Extensions
{
   public static class IdentityExtensions
   {
       public static bool IsInProjectGroup(this IIdentity identity, int projectId)
       {
           // how would i do the check here???
       }
   }
}

这是一个简单的示例。

首先创建一个常数,以用作主张

的键 
public class Constants { 
    public class Security {
        public class ClaimTypes
            public const string ProjectGroups = "ProjectGroups";
        }
    }
}

然后,您可以在创建身份时创建索赔

public async Task<ClaimsIdentity> GenerateUserIdentityAsync(UserManager<ApplicationUser> manager) {
   var userIdentity = await manager.CreateIdentityAsync(this, DefaultAuthenticationTypes.ApplicationCookie);
   // how do you add claim???
   if(Groups.Any()) { //assuming this is a navigation property
       //create a claim type/name/key
       //replace with you desired key. Store in a constant for later use
       var claimName = Constants.Security.ClaimTypes.ProjectGroup; 
       //create claims from current groups.
       var claims = Groups.SelectMany(g => g.Projects.Select(x => x.Id))
           .Select(id => new System.Security.Claims.Claim(claimName, id.ToString()));
       userIdentity.AddClaims(claims);
   }
   return userIdentity;
 }

对于检索,您可以创建自己的扩展方法来检查索赔本身中的组,而不是点击数据库。

public static class IdentityExtensions {
    public static bool IsInProjectGroup(this IIdentity identity, int projectId) {
       // how would i do the check here???
       if(identity != null) {
            var claimsIdentity = identity as ClaimsIdentity;
            if (claimsIdentity != null) {
                return claimsIdentity
                    .FindAll(Constants.Security.ClaimTypes.ProjectGroups)
                    .Any(claim => claim.Value == projectId.ToString());
            }
       }
       return false;
    }
}

相关内容

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium