我有一个使用Identity的净核心2.1项目。
我正在尝试使用Claims作为存储一些用户数据的方法,基本上是他们的选择。
当用户第一次登录该选项时,将通过查询该选项并获得0索引来进行设置,但是以后从剃刀页面上,用户可以对其进行更改。
现在,我需要从登录时间刷新Claim数据,然后插入新选择。
问题1。当我在SwitchChoice中更改值时,由于我是“ RefreshSignInAsync”,它会被UserClaimsFactory覆盖,那么如何删除旧的Claim并为该用户添加新的Claim?
第二季度。附带的问题是,下面的方法是否不会在数据库中创建索赔记录,而是仅在cookie中创建数据,对吗?
Startup.cs已配置:
services.AddScoped<IUserClaimsPrincipalFactory<AppUser>, UserClaimsFactory>();
UserClaimsFactory.cs已配置:
public class UserClaimsFactory : UserClaimsPrincipalFactory<AppUser, IdentityRole>
{
private IConfiguration Configuration;
private ApplicationDbContext _context;
public UserClaimsFactory(
UserManager<AppUser> userManager,
RoleManager<IdentityRole> roleManager,
IOptions<IdentityOptions> optionsAccessor,
IConfiguration config,
ApplicationDbContext context)
: base(userManager, roleManager, optionsAccessor)
{
Configuration = config;
_context = context;
}
protected override async Task<ClaimsIdentity> GenerateClaimsAsync(AppUser user)
{
var idx = user.Id;
List<UserChoise> ret = await _context.UserChoise.Where(s => s.AppUserId == idx)
.Include(s => s.InnerChoise).OrderBy(s => s.CDate)
.ToListAsync();
if (ret!=null && ret.Count>0) {
var identity = await base.GenerateClaimsAsync(user);
identity.AddClaim(new Claim("ABC", ret.Count > 0 ? ret[0].Name.ToString() : "NA"));
identity.AddClaim(new Claim("XYZ", ret.Count > 0 ? ret[0].Phome.ToString() : "NA"));
return identity;
}
return null;
}
}
Login.cs已配置:
public async Task<IActionResult> OnPostAsync(string returnUrl = null)
{
returnUrl = returnUrl ?? Url.Content("~/");
if (ModelState.IsValid)
{
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, set lockoutOnFailure: true
var result = await _signInManager.PasswordSignInAsync(Input.Email, Input.Password, Input.RememberMe, lockoutOnFailure: true);
if (result.Succeeded)
{
var user = await _userManager.FindByNameAsync(Input.Email);
if (!user.Active)
{
await _signInManager.SignOutAsync();
return RedirectToPage("/Index");
}
_logger.LogInformation("User logged in.");
return LocalRedirect(returnUrl);
}
if (result.RequiresTwoFactor)
{
return RedirectToPage("./LoginWith2fa", new { ReturnUrl = returnUrl, RememberMe = Input.RememberMe });
}
if (result.IsLockedOut)
{
_logger.LogWarning("User account locked out.");
return RedirectToPage("./Lockout");
}
else
{
ModelState.AddModelError(string.Empty, "Invalid login attempt.");
return Page();
}
}
// If we got this far, something failed, redisplay form
return Page();
}
SwitchChoice.cs已配置:
public async Task<IActionResult> OnPostAsync()
{
var curUser = await _userManager.GetUserAsync(User);
if (!ModelState.IsValid)
{
return Page();
}
var identity = User.Identity as ClaimsIdentity;
var existingClaim = identity.FindFirst("ABC");
if (existingClaim != null)
identity.RemoveClaim(existingClaim);
var existingClaim2 = identity.FindFirst("XYZ");
if (existingClaim2 != null)
identity.RemoveClaim(existingClaim2);
identity.AddClaim(new Claim("ABC", newVal1 != "" ? newVal1 : "NA"));
identity.AddClaim(new Claim("XYZ", newVal2 != "" ? newVal2 : "NA"));
await _signInManager.RefreshSignInAsync(curUser);
return RedirectToPage("/Index");
}
答案 0 :(得分:0)
问题在于您正在使用声明来存储数据。声明(或更具体的IdentityClaims)应该对身份进行建模。将声明视为生日,DriversLicenceNumber,性别。不经常更改的声明。
因此,解决方案是从索赔中删除数据并将其移至商店。它可能是业务环境的一部分。
Q1:选项可以保存在cookie中。如果删除Cookie,则将(业务)上下文中的选择保存为后备。
Q2:索赔未保留在数据库中。它仅创建一个ClaimsIdentity。根据方案,声明将存储在令牌或cookie中。