如何强制更新自定义用户声明? [英] How to force update custom user claims?

问题描述

我向我的ApplicationUser类添加了一个自定义声明，如下所示:

I've got a custom claim added to my ApplicationUser class as follows:

public class ApplicationUser : IdentityUser
{
    public async Task<ClaimsIdentity> GenerateUserIdentityAsync(UserManager<ApplicationUser> manager)
    {
        var userIdentity = await manager.CreateIdentityAsync(this, DefaultAuthenticationTypes.ApplicationCookie);
        // Add custom user claims here
        if(Theme != null)
            userIdentity.AddClaim(new Claim("ThemeBundle", Theme.Bundle));

        return userIdentity;
    }

    public int? ThemeId { get; set; }
    [ForeignKey("ThemeId")]
    public virtual Theme Theme { get; set; }
}

我这样扩展了身份:

public static class IdentityExtensions
{
    public static string GetThemeBundle(this IIdentity identity)
    {
        var claim = ((ClaimsIdentity) identity).FindFirst("ThemeBundle");
        // Test for null to avoid issues during testing
        return (claim != null) ? claim.Value : string.Empty;
    }
}

我通过以下操作方法更新了索赔背后的模型:

I update the model behind the claim from the following Action Method:

    public ActionResult ChangeTheme(int id)
    {
        var theme = _db.Themes.Find(id);
        if (theme == null)
            return HttpNotFound();

        var userId = User.Identity.GetUserId();
        var user = _db.Users.Find(userId);
        user.Theme = theme;
        _db.SaveChanges();

        return RedirectToAction("Index", "Home");
    }

我在这样的视图(或其他位置)中访问它:

I access it in a view (or elsewhere) like this:

User.Identity.GetThemeBundle()

当用户通过"ChangeTheme"操作更新其"Theme"属性时，直到他们注销并重新登录后，一切都不会发生.

When the user updates their "Theme" property with the "ChangeTheme" action, nothing happens until they log off and log back in.

我整天都在考虑以下QA，但收效不佳:

I've spent all day mulling over more than the following QA's with no good result:

更新用户声明未生效.为什么?

MVC 5 AddToRole是否需要注销才能生效?

感谢@Brendan Green: ASP. NET身份-强制使用安全戳重新登录

And thanks to @Brendan Green: ASP.NET Identity - Forcing a re-login with security stamp

到目前为止，我得到的最好的结果是页面将刷新，并且声明返回一个空字符串而不是所需的结果，或者我将用户重定向到登录屏幕.至少那些东西比什么都没有的模棱两可.

So far the best I've got is that the page will refresh and the claim returns an empty string instead of the desired result, OR I redirect the user to the login screen. At least those are less ambiguous than nothing happening.

当用户更改其主题"属性后，如何才能在全球范围内进行更新?我希望找到一个很好的方法来完全注销用户，然后在需要时重新登录.使用AuthenticationManager.Signout和.Signin方法并不能解决问题.

How on earth can I get the claim to update globally as soon as the user changes their "Theme" property? I'd settle for a good way to fully log the user off and back on if needed. Using the AuthenticationManager.Signout and .Signin methods doesn't quite do the trick.

推荐答案

从 Asp.Net MVC 6 和 Asp.Identity 3.0.0-rc1-final 开始，可以使用Task SignInManager<TUser>.RefreshSignInAsync(TUser user);来做到这一点.

As of Asp.Net MVC 6 and Asp.Identity 3.0.0-rc1-final you could use Task SignInManager<TUser>.RefreshSignInAsync(TUser user); in order to do that.

这篇关于如何强制更新自定义用户声明?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！