我正在使用Identity 2.0开发ASP.NET 5应用程序。我有两种类型的用户:
我不想存储临时用户,除了验证用户所需的信息(某些用户名和令牌)。如果用户提供用户名和有效密码,则应该登录。
我不确定如何实现这一点。
答案 0 :(得分:4)
您也可以同时在两个场景中使用Identity。对于第一种情况,使用Identity就像之前所做的那样没有任何改变,但对于第二种情况,您在登录方法中稍作修改。
<?php foreach ( $attributes as $attribute_name => $options ) : ?>
<tr>
<td class="label"><label for="<?php echo sanitize_title( $attribute_name ); ?>"><?php echo wc_attribute_label( $attribute_name ); ?></label></td>
<td class="value">
<?php
$selected = isset( $_REQUEST[ 'attribute_' . sanitize_title( $attribute_name ) ] ) ? wc_clean( $_REQUEST[ 'attribute_' . sanitize_title( $attribute_name ) ] ) : $product->get_variation_default_attribute( $attribute_name );
wc_dropdown_variation_attribute_options( array( 'options' => $options, 'attribute' => $attribute_name, 'product' => $product, 'selected' => $selected ) );
echo end( $attribute_keys ) === $attribute_name ? '<a class="reset_variations" href="#">' . __( 'Clear selection', 'woocommerce' ) . '</a>' : '';
?>
</td>
</tr>
<?php endforeach;?>
由于我们将逻辑注入Identity,我们根本不需要做额外的事情。
public ActionResoult TempLogin(string username, string password)
{
// imaging you have own temp user manager, completely independent from identity
if(_tempUserManager.IsValid(username,password))
{
// user is valid, going to authenticate user for my App
var ident = new ClaimsIdentity(
new[]
{
// adding following 2 claim just for supporting default antiforgery provider
new Claim(ClaimTypes.NameIdentifier, username),
new Claim("http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider", "ASP.NET Identity", "http://www.w3.org/2001/XMLSchema#string"),
// an optional claim you could omit this
new Claim(ClaimTypes.Name, username),
// you could even add some role
new Claim(ClaimTypes.Role, "TempUser"),
new Claim(ClaimTypes.Role, "AnotherRole"),
// and so on
},
DefaultAuthenticationTypes.ApplicationCookie);
// Identity is sign in user based on claim don't matter
// how you generated it Identity
HttpContext.GetOwinContext().Authentication.SignIn(
new AuthenticationProperties { IsPersistent = false }, ident);
// auth is succeed,
return RedirectToAction("MyAction");
}
ModelState.AddModelError("", "We could not authorize you :(");
return View();
}
答案 1 :(得分:0)
您需要使用自定义逻辑和/或存储来扩展ASP.NET身份库。
在这里,您可以在我的Github帐户中找到一个示例,其中包含一些有用的链接,当我尝试理解ASP.NET标识时,我曾经阅读过这些链接:https://github.com/hernandgr/AspNetIdentityDemo
希望它有所帮助!