我如何有力地传播角色的转变与ASP.NET身份2.0.1用户？ [英] How do I forcefully propagate role changes to users with ASP.NET Identity 2.0.1?

问题描述

我读过<一个href=\"https://stackoverflow.com/questions/21607431/how-to-propagate-an-administrators-changes-to-a-users-claims/21638172#21638172\">this虽然它解释了角色如何变化将最终传播到一定的时间间隔后，用户的cookie，我还是不明白，我怎么强制的直接的更改用户角色。

I've read this and while it explains how role changes will eventually propagate to the user cookie after some time interval, I still don't understand how I force an immediate change to user roles.

难道我真的要退出帐户用户，当我改变自己的角色，以管理员身份？如果是的话 - 如何？如果我使用 AuthenticationManager.SignOut（）; 然后我签字我自己（管理员），而不是用户，我想改变其角色。

Do I really have to sign the user out when I change his roles as administrator? If so — how? If I use AuthenticationManager.SignOut(); then I sign off myself (admin), not the user, whose roles I want to change.

目前我使用等待UserManager.UpdateSecurityStampAsync（user.Id）; 来生成一个新的安全印记，但它不工作。当我刷新页面在另一个浏览器登录时以其他用户他的要求（包括安全盖章）并没有改变。

Currently I use await UserManager.UpdateSecurityStampAsync(user.Id); to generate a new security stamp, but it does not work. When I refresh a page in another browser while logged in as another user his claims (including security stamp) do not change.

推荐答案

如果要启用饼干即时撤销，那么每个请求必须访问数据库来验证的cookie。所以延迟之间的权衡是与你的数据库负载。但是你可以在validationInterval始终设置为0。

If you want to enable immediate revocation of cookies, then every request must hit the database to validate the cookie. So the tradeoff between delay is with your database load. But you can always set the validationInterval to 0.

        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
            LoginPath = new PathString("/Account/Login"),
            Provider = new CookieAuthenticationProvider
            {
                // Enables the application to validate the security stamp when the user logs in.
                // This is a security feature which is used when you change a password or add an external login to your account.  
                OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
                    validateInterval: TimeSpan.FromSeconds(0),
                    regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
            }
        });

这篇关于我如何有力地传播角色的转变与ASP.NET身份2.0.1用户？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！