在不使用身份的情况下使用自定义数据库表在ASP.NET Core 2.2中实现社交登录 [英] Implementing social login in asp.net core 2.2 with custom db tables without using identity
问题描述
我试图在asp.net core 2.2中实现社交登录功能,而不使用给定的
I am trying to implement social login features in asp.net core 2.2 without using default feature as given here. I couldn't find any where that shows implementation without using default identity.
我已经实现了自定义登录机制来处理用户身份验证,即有一个用户表存储了emailid及其密码.用户登录时,它将通过用户表条目进行验证.以同样的方式,我想实现社交登录,例如facebook,twitter,linkedin,microsoft,github等.
I have already implemented custom login mechanism to handle user authentication, i.e. there is a user table that stores emailid and its password. When user login it will validate from user table entry. In the same way I want to implement social logins like facebook, twitter, linkedin, microsoft, github etc.
一旦用户使用这些社交选项中的任何一个登录,电子邮件就会以其有效令牌存储在用户表中.
Once user signin using any of these social options there email will be stored in user table with their valid token.
I am able to triggered social login using this article but not able to redirect back to correct action method. Its redirecting back to same action method "IActionResult Google" from where its originated. I couldn't understand "ExternalLoginCallback".
我需要获取社交登录返回的响应并检索用户详细信息.
I need to get the response returned by the social login and to retrieve user details.
public IActionResult Google(string provider)
{
provider = "Google";
//Issue a challenge to external login middleware to trigger sign in process
return new ChallengeResult(provider);
}
[AllowAnonymous]
[HttpGet(nameof(ExternalLoginCallback))]
public async Task<IActionResult> ExternalLoginCallback(string returnUrl = null, string remoteError = null)
{
//Here we can retrieve the claims
var result = await HttpContext.AuthenticateAsync("CookieAuthenticationDefaults.AuthenticationScheme");
return null;
}
推荐答案
基本思想是您可以使用 AddOpenIdConnect 中间件来触发社交登录.
The basic idea is your can use AddOAuth or AddOpenIdConnect middleware to trigger the social logins .
例如,如果使用OAuth 2 flow,则可以使用AddOAuth扩展名来使用身份提供程序,例如facebook,microsoft....您可以获取访问令牌,该令牌可以获取当前用户的基本个人资料信息,在OnCreatingTicket回调函数,您可以查询本地数据库,在数据库中链接/创建外部用户,最后创建用于用户登录的身份验证票证.例如:
For example , if using OAuth 2 flow , you can use AddOAuth extension to make consume the identity provider like facebook , microsoft .... you can acquire access token which could get the current user's basic profile information , in OnCreatingTicket callback function , you can query your local database , link/create the external user in your database , and finally create authentication ticket for user sign-in . For example :
https://www.jerriepelser.com/blog/authenticate-oauth-aspnet-core-2/
与使用OpenID Connect相似,不同之处在于您可以直接在ID令牌中获取用户信息:
That is similar if using OpenID Connect , the difference is you can directly get user's information in ID token :
services.AddAuthentication()
.AddCookie()
.AddOpenIdConnect();
You can click here and here code samples .
您可以根据需要为不同的提供程序配置多重身份验证架构.
You can config multi authentication schema for different providers based on your requirements.
这篇关于在不使用身份的情况下使用自定义数据库表在ASP.NET Core 2.2中实现社交登录的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
