使用ASP.NET身份为角色提供轻松 [英] Using ASP.NET Identity for a Role Provider easily

问题描述

我只花了最后两天研究，并与现有数据库实施新的ASP.NET识别系统。更多关于这里：<一href=\"http://stackoverflow.com/questions/21418902/integrating-asp-net-identity-into-existing-dbcontext\">Integrating ASP.NET身份进入现有的DbContext 。

I just spent the last two days researching and implementing the new ASP.NET Identity system with my existing database. More on that here: Integrating ASP.NET Identity into Existing DbContext.

现在，我有一个工作 UserStore 和 Rolestore的，但我似乎无法弄清楚如何充分利用他们在我的ASP.NET MVC应用5不用写什么似乎像巨大的金额code的一样，让我困惑的所有Identity样品中

Now, I have a working UserStore and RoleStore, but I can't seem to figure out how to leverage them in my ASP.NET MVC 5 application without writing what seems like colossal amounts of code like in all the Identity samples that confuse me.

有两件事我想实现：1）使用cookie来维持授权和2）使用角色来限制无论在什么在呈现的意见和控制器应用程序访问

There's two things I want to achieve: 1) use cookies to maintain the authorizations and 2) use roles to limit application access both in what is rendered in the views and on the controllers.

要能够使用那些我需要明明使用 Controller.User 属性，它重新presents授权用户和偷看它的作用。我如何得到我的身份实施要做到这一点？

To be able to use those I need to obviously use the Controller.User property which represents the authorized user and peek into it's roles. How do I get my Identity implementation to make that happen?

最后，身份样品我看到他们正在使用OWIN，我种得到，但似乎就像是一个超级迂回的方式，这点我还是不明白如何正确地贯彻英寸至于索赔，他们让我困惑的两倍多，因为我理解他们。

Lastly, in the Identity samples I see they're using OWIN, which I kind of get, but it seems like it's a super roundabout way, which I still don't get how to properly implement. As far as Claims, they confuse me twice as much as I understand them.

我想AP preciate在正确的方向的指针。

I'd appreciate any pointers in the right direction.

推荐答案

要回这之后，我想我想通了，根本的解决方案。我结束了创建OWIN启动配置类。据我了解，因为OWIN是它拦截的请求的中间件，数字出身份验证（如果有的话），并更新控制器的用户属性类，其中用户是 ClaimsIdentity 类的一个实例。

After going back into this I think I figured out a solution that simply works. I ended up creating a startup configuration class for OWIN. From what I understand since OWIN is a middleware it intercepts the requests, figures out the authentication (if any), and updates the User property of the Controller classes where User is an instance of a ClaimsIdentity class.

在这之后一切就像你通常会使用用户ASP.NET的属性。我做了延长我的基本控制器与用户ID 称为一个额外的属性，它解析用户使用属性来获得实际ID在数据库中。我与目的是使提供给我的编号来查询真正的员工类，我的的DbContext 使用。我们将看看是否能保持与否，在此期间，这里的code为我的 StartupConfiguration ：

After that everything else works just as you would normally use the User property of ASP.NET. I did extend my base Controller with an extra property called UserId which parses the User property to get the actual Id being used in the database. My intention with that is to have the Id available to me to query for the real Employee class that my DbContext uses. We'll see if that stays or not, in the mean time, here's the code for my StartupConfiguration:

public sealed class StartupConfig {
    public void Configuration(
        IAppBuilder app) {
        this.ConfigureAuthentication(app);
    }

    public void ConfigureAuthentication(
        IAppBuilder app) {
        app.UseCookieAuthentication(new CookieAuthenticationOptions {
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
            LoginPath = new PathString("/"),
            ExpireTimeSpan = new TimeSpan(0, 60, 0)
        });
    }
}

下面是我如何配置我的用户ID 属性：

Here's how I configured my UserId property:

protected int UserId {
    get {
        return Convert.ToInt32(base.User.Identity.GetUserId());
    }
}

不要忘了用装饰类[大会：OwinStartupAttribute（typeof运算（namespace.StartupConfig））] 。希望这可以帮助别人。

Don't forget to decorate the class with [assembly: OwinStartupAttribute(typeof(namespace.StartupConfig))]. Hope this helps somebody.

这篇关于使用ASP.NET身份为角色提供轻松的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！