没有身份验证Asp.net核心的Cookie [英] Cookie without Identity Asp.net core
问题描述
我目前正在从事一个不使用Identity的项目.
I'm currently working on a project that I don't use Identity.
问题是该项目应该有一个记住我"选项,允许用户自动重新连接到网站.
The things is that this project should have a remember me option that allow user to automatically reconnect into the web site.
我的问题是,如果没有Identity,我找不到任何完整的指导老师来创建Cookie.
My problem is that I can't find any complete tutoriel to create a cookie without Identity.
如果有人有很好的代码示例或tutoial:)
If somebody have a good sample of code or tutoial :)
谢谢
推荐答案
在我的项目中,我将AngularJS用于前端,将.Net Core API用于后端.
因此,我不需要为AccessDeniedPath
,LoginPath
等配置页面.
In my project, I use AngularJS for Frontend and .Net Core API for Backend.
So, I don't need to configure pages for AccessDeniedPath
, LoginPath
and so on.
这就是我要做的:
-
在启动类中配置cookie:
Configure the cookie in the startup class:
public void Configure(IApplicationBuilder app) {
//...
CookieAuthenticationOptions options = new CookieAuthenticationOptions();
options.AuthenticationScheme = "MyCookie";
options.AutomaticAuthenticate = true;
options.CookieName = "MyCookie";
app.UseCookieAuthentication(options);
//...
}
登录名是这样的:
The login is like this:
[HttpPost, Route("Login")]
public IActionResult LogIn([FromBody]LoginModel login) {
//...
var identity = new ClaimsIdentity("MyCookie");
//add the login as the name of the user
identity.AddClaim(new Claim(ClaimTypes.Name, login.Login));
//add a list of roles
foreach (Role r in someList.Roles) {
identity.AddClaim(new Claim(ClaimTypes.Role, r.Name));
}
var principal = new ClaimsPrincipal(identity);
HttpContext.Authentication.SignInAsync("MyCookie", principal).Wait();
return Ok();
}
注销如下:
The logout is like this:
[HttpPost, Route("Logout")]
public async Task<IActionResult> LogOut() {
await HttpContext.Authentication.SignOutAsync("MyCookie");
return Ok();
}
然后您可以像这样使用它:
Then you can use it like this:
[HttpPost]
[Authorize(Roles = "Role1,Role2,Role3")]
public IActionResult Post() {
//...
string userName = this.User.Identity.Name;
//...
}
*请注意,该方法仅被授权用于角色1,角色2和角色3".并查看如何获取用户名.
*See that the method is authorized only for "Role1, Role2 and Role3". And see how to get the user name.
这篇关于没有身份验证Asp.net核心的Cookie的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!