ASP.NET身份“基于角色"索偿 [英] ASP.NET Identity "Role-based" Claims

问题描述

我了解我可以使用声明来发表有关用户的声明:

I understand that I can use claims to make statements about a user:

var claims = new List<Claim>();
claims.Add(new Claim(ClaimTypes.Name, "Peter"));
claims.Add(new Claim(ClaimTypes.Email, "peter@domain.com"));

但是我应该如何存储基于角色的"声明?例如:

But how should I store "role-based" claims? For example:

用户是超级管理员.

The user is a super administrator.

claims.Add(new Claim("IsSuperAdmin, "true"));

值参数"true"感觉完全多余.声明还可以用其他方式表达这种说法吗?

The value parameter "true" feels completely redundant. How else can this statement be expressed using claims?

推荐答案

框架已经为您完成了此操作.用户登录后，所有用户角色都将作为声明添加，声明类型为ClaimTypes.Role，值是角色名称.

This is already done for you by the framework. When user is logged in, all user roles are added as claims with claims type being ClaimTypes.Role and values are role name.

执行IPrincipal.IsInRole("SuperAdmin")时，框架实际上会检查用户是否存在类型为ClaimTypes.Role且值为SuperAdmin的声明.

And when you execute IPrincipal.IsInRole("SuperAdmin") the framework actually checks if the claim with type ClaimTypes.Role and value SuperAdmin is present on the user.

所以不需要做任何特别的事情.只需将用户添加到角色即可.

So don't need to do anything special. Just add a user to a role.

这篇关于ASP.NET身份“基于角色"索偿的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！