替代使用的HttpContext的System.Web中的Owin [英] Alternative to use HttpContext in System.Web for Owin
问题描述
ASP.NET身份验证现在基于可以在任何基于OWIN主机上使用OWIN中间件。 ASP.NET身份的不会对任何的System.Web依赖
ASP.NET authentication is now based on OWIN middleware that can be used on any OWIN-based host. ASP.NET Identity does not have any dependency on System.Web.
我有一个AuthorizeAttribute过滤器,我需要获得当前用户,并添加一些属性可以通过动作控制器后取回。
I have an AuthorizeAttribute filter where I need to get the current user and add some properties to be retrieved later by action controllers.
问题是,我必须使用的HttpContext至极所属的System.Web。是否有Owin HttpContext的任何选择吗?
The problem is that I have to use the HttpContext wich belongs to System.Web. Is there any alternative of HttpContext for Owin?
public class WebApiAuthorizeAttribute : AuthorizeAttribute
{
public override async Task OnAuthorizationAsync(HttpActionContext actionContext, CancellationToken cancellationToken)
{
base.OnAuthorization(actionContext);
Guid userId = new Guid(HttpContext.Current.User.Identity.GetUserId());
ApplicationUserManager manager = new ApplicationUserManager(new ApplicationUserStore(new ApplicationDbContext())) { PasswordHasher = new CustomPasswordHasher() };
ApplicationUser user = await manager.FindByIdAsync(userId);
actionContext.Request.Properties.Add("userId", user.LegacyUserId);
}
}
请注意:我发现<一个href=\"http://stackoverflow.com/questions/23814265/what-to-use-instead-of-httpcontext-when-using-owin-without-system-web\">this问题,似乎至极重复,但求为NancyFx项目工作的一个解决方案,至极它并不适用于我。
Note: I found this question, wich seems a duplicate, but asks for a solution working for NancyFx project, wich it's not valid for me.
推荐答案
<一个href=\"http://brockallen.com/2013/10/27/host-authentication-and-web-api-with-owin-and-active-vs-passive-authentication-middleware/\"相对=nofollow>这篇文章给我的解决方案:
网页API 2引入了新的
RequestContext的类,它包含一个主属性。这是现在
适当的位置,以查找呼叫者的身份。这个
替换Thread.CurrentPrincipal中和/或在现有的机制
HttpContext.User中。这也是你会分配给你是什么
写code认证中的Web API调用者。
Web API 2 introduced a new RequestContext class that contains a Principal property. This is now the proper location to look for the identity of the caller. This replaces the prior mechanisms of Thread.CurrentPrincipal and/or HttpContext.User. This is also what you would assign to if you are writing code to authenticate the caller in Web API.
因此,只要修改了这一行:
So just modifying the line:
Guid userId = new Guid(HttpContext.Current.User.Identity.GetUserId());
按
Guid userId = new Guid(actionContext.RequestContext.Principal.Identity.GetUserId());
现在,已经不再需要到的System.Web参考。
now, the reference to System.Web is not needed anymore.
这篇关于替代使用的HttpContext的System.Web中的Owin的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!