更新ASP.NET One Core中的Claims值 [英] Update Claims values in ASP.NET One Core
问题描述
我在MVC 6(Asp.Net One Core)中有一个Web应用程序,并且我使用的是基于Claims的身份验证.在登录"方法中,设置声明":
I have a Web Application in MVC 6 (Asp.Net One Core), and I'm using Claims based authentication. In the Login method I set the Claims:
var claims = new Claim[]
{
new Claim("Name", content.Name),
new Claim("Email", content.Email),
new Claim("RoleId", content.RoleId.ToString()),
};
var ci = new ClaimsIdentity(claims, "password");
await HttpContext.Authentication.SignInAsync("Cookies", new ClaimsPrincipal(ci));
现在,例如,如果用户更改了用户个人资料中的电子邮件,如何更改电子邮件"声明的电子邮件值?我必须再次SignOutAsync和SignInAsync才能更新cookie?最好的解决方案是将其保存到经典会话中?有更好的解决方案吗?我完全错了?
Now, if the user for example changes the email in the user profile, how can I change the e-mail value for the "Email" Claim? I have to SignOutAsync and SignInAsync again in order to update the cookie? The best solution is to save this into a classic session? There is a better solution? I'm totally wrong?
有什么建议吗?
推荐答案
我必须再次SignOutAsync和SignInAsync才能更新 Cookie?
I have to SignOutAsync and SignInAsync again in order to update the cookie?
答案是肯定的.
最简单的方法是,您可以在更新电子邮件的相同操作方法内手动注销并登录(再次创建声明).
Easiest way is you can manually sign-out and sign-in (create claims again) inside the same action method where you are updating the email.
最好的解决方案是将其保存到经典会话中?
The best solution is to save this into a classic session?
我建议不要这样做.在ASP.Net MVC中,显式使用会话状态是一种不好的做法.
I suggest not to do that. Using session state explicitly is a bad practice in ASP.Net MVC.
这篇关于更新ASP.NET One Core中的Claims值的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!