OWIN cookie authentication get roles on client side
Question
I'm developing an application where the backend is ASP.NET OWIN based. In Startup.cs I have IAppBuilder.useCookieAuthentication() { ... }. After successful authentication, the current user with its roles can be accessed via HttpContext in all my Web API controllers.
My JavaScript client side needs knowledge of these roles in order to know how to display specific items. For example: a user having the administrator role can see additional tabs.
My question is: what's the best way to 'transfer' these roles to the client side? Is it by writing some endpoint which will return these roles, or some other way?
Thanks
Recommended answer
I totally agree with @cassandrad!
But if you want to access it as plain text, then you have to provide your own implementation of TicketDataFormat in the CookieAuthenticationOptions
using Microsoft.Owin.Security;

public class CustomAccessTokenFormat : ISecureDataFormat<AuthenticationTicket>
{
    // Serialize the ticket into the cookie value
    // (this is where custom serialization and encryption would go)
    public string Protect(AuthenticationTicket ticket)
    {
        return "UserName|Role1|Role2|..."; // your raw text serialization goes here
    }

    // Deserialize and decrypt the cookie value back into a ticket
    public AuthenticationTicket Unprotect(string strTicket)
    {
        return new AuthenticationTicket(null, null); // deserialize the plain text here into an AuthenticationTicket object
    }
}
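The endpoint option raised in the question, as an added example that is not code from the original post: a Web API controller that returns the signed-in user's roles as JSON, so the cookie keeps the default encrypted and signed TicketDataFormat instead of a plain-text ticket that the browser could edit. The controller names, routes and the "Administrator" role name are assumptions, and attribute routing (config.MapHttpAttributeRoutes()) is assumed to be enabled.

```csharp
using System.Linq;
using System.Security.Claims;
using System.Web.Http;

// Hypothetical controller: exposes the current user's roles to the JavaScript client.
[Authorize] // only callers with a valid authentication cookie get past this
[RoutePrefix("api/me")]
public class CurrentUserController : ApiController
{
    // GET api/me/roles -> { "userName": "...", "roles": ["..."] }
    [HttpGet, Route("roles")]
    public IHttpActionResult GetRoles()
    {
        // The cookie middleware has already unprotected the ticket
        // and attached the resulting identity to the request.
        var identity = User.Identity as ClaimsIdentity;
        if (identity == null || !identity.IsAuthenticated)
        {
            return Unauthorized();
        }

        // Read role claims server-side; nothing is parsed from client input.
        var roles = identity.FindAll(identity.RoleClaimType)
                            .Select(c => c.Value)
                            .Distinct()
                            .ToArray();

        return Ok(new { userName = identity.Name, roles });
    }
}

// Hypothetical admin API: the role list sent to the client only drives what the
// UI shows. Every privileged action is still checked on the server.
[RoutePrefix("api/admin")]
public class AdminController : ApiController
{
    [HttpGet, Route("settings")]
    [Authorize(Roles = "Administrator")] // enforced even if the client shows the tab
    public IHttpActionResult GetSettings()
    {
        return Ok(new { message = "admin-only data" });
    }
}
```

The client calls api/me/roles once after sign-in and uses the result to decide which tabs to render. A user who tampers with that response only changes their own UI, because AdminController rechecks the role on each request.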