OWIN cookie authentication get roles on client side

Problem description

I'm developing an application where the backend is ASP.NET OWIN based. In Startup.cs I have IAppBuilder.useCookieAuthentication() { ... }. After successful authentication, the current user with its roles can be accessed via HttpContext in all my Web API controllers.

My JavaScript client side needs to know about these roles in order to know how to display specific items. For example: a user having the administrator role can see additional tabs.

My question is: what's the best way to 'transfer' these roles to the client side? Is it by writing some endpoint which will return these roles, or any other way?

Thanks

Recommended answer

I totally agree with @cassandrad !

But if you want to access it as plain text, then you have to provide your own implementation of TicketDataFormat in the CookieAuthenticationOptions:

using Microsoft.Owin.Security;

public class CustomAccessTokenFormat : ISecureDataFormat<AuthenticationTicket>
{
    // If you want to do custom serialization and encryption
    public string Protect(AuthenticationTicket ticket)
    {
        return "UserName|Role1|Role2|..."; // your raw text serialization goes here
    }

    // Deserialize and decrypt the ticket
    public AuthenticationTicket Unprotect(string strTicket)
    {
        return new AuthenticationTicket(null, null); // deserialize the plain text here into an AuthenticationTicket object
    }
}
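
The Protect stub above emits the roles as bare text, so whatever Unprotect parses back is whatever the browser sent. The following is an added example (not the answer's code and not part of Katana) of a readable ticket format that appends an HMAC-SHA256 tag and refuses any ticket whose tag does not match. The class name, the field layout and the way the key is supplied are assumptions.

```csharp
// Added example (not the answer's code). Field layout and key handling are assumptions.
using System;
using System.Linq;
using System.Security.Claims;
using System.Security.Cryptography;
using System.Text;
using Microsoft.Owin.Security;

public class SignedPlainTextTicketFormat : ISecureDataFormat<AuthenticationTicket>
{
    private readonly byte[] _key;      // server-side secret; never sent to the client
    private readonly string _authType; // same value as CookieAuthenticationOptions.AuthenticationType

    public SignedPlainTextTicketFormat(byte[] key, string authType) { _key = key; _authType = authType; }
    // Produces "expiryTicks|UserName|Role1|Role2.HEXMAC": readable by script, not forgeable without _key.
    public string Protect(AuthenticationTicket ticket)
    {
        DateTimeOffset? expires = ticket.Properties.ExpiresUtc;
        var fields = new[] { expires.HasValue ? expires.Value.UtcTicks.ToString() : "", ticket.Identity.Name ?? "" }
            .Concat(ticket.Identity.FindAll(ClaimTypes.Role).Select(c => c.Value))
            .Select(f => Uri.EscapeDataString(f)); // escaping keeps '|' out of field values
        string payload = string.Join("|", fields);
        return payload + "." + Mac(payload);
    }

    // Returns null (no ticket) unless the MAC matches the payload.
    public AuthenticationTicket Unprotect(string text)
    {
        int dot = text == null ? -1 : text.LastIndexOf('.');
        if (dot < 0 || !SameMac(Mac(text.Substring(0, dot)), text.Substring(dot + 1))) return null;
        string[] f = text.Substring(0, dot).Split('|').Select(s => Uri.UnescapeDataString(s)).ToArray();
        var claims = new[] { new Claim(ClaimTypes.Name, f[1]) }
            .Concat(f.Skip(2).Select(role => new Claim(ClaimTypes.Role, role)));
        var props = new AuthenticationProperties();
        if (f[0].Length > 0) props.ExpiresUtc = new DateTimeOffset(long.Parse(f[0]), TimeSpan.Zero); // keep the sign-in expiry
        return new AuthenticationTicket(new ClaimsIdentity(claims, _authType), props);
    }
    private string Mac(string payload)
    {
        using (var hmac = new HMACSHA256(_key))
            return BitConverter.ToString(hmac.ComputeHash(Encoding.UTF8.GetBytes(payload))).Replace("-", "");
    }
    private static bool SameMac(string a, string b) // comparison without early exit
    {
        int diff = a.Length ^ b.Length;
        for (int i = 0; i < a.Length && i < b.Length; i++) diff |= a[i] ^ b[i];
        return diff == 0;
    }
}
```

It is plugged in through CookieAuthenticationOptions.TicketDataFormat. The role names in the cookie are only a display hint for the script; access decisions stay with the server, which reads the roles from the verified ticket.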
