在ServiceStack服务上进行身份验证后访问客户端上的AuthSession

时间:2013-09-19 05:26:14

标签: asp.net-mvc authentication servicestack

我对会话文档有点困惑,所以假设我已经从客户端发送了身份验证数据并检索了ss-id和ss-pid,如下所示:

var client = new JsonServiceClient("http://somewhere/theAPI/");
var response = client.Post(new Auth() {UserName = "myuser", Password = "password123"});
var myCookie= client.CookieContainer.GetCookies(new Uri("http://somewhere/theAPI"));

如何从servicestack中检索AuthSession信息,就像姓氏,电子邮件等一样?我是否需要将它存储在memcache服务器中的其他地方,并从中检索?

或者我需要在客户端构建我的身份验证?并只使用API​​来检索数据?

1 个答案:

答案 0 :(得分:5)

假设您已经创建了自定义AuthUserSession,例如:

/// <summary>
/// Create your own strong-typed Custom AuthUserSession where you can add additional AuthUserSession 
/// fields required for your application. The base class is automatically populated with 
/// User Data as and when they authenticate with your application. 
/// </summary>
public class CustomUserSession : AuthUserSession {
    public string CustomId { get; set; }
}

您在配置AuthFeature插件时注册了自定义AuthUserSession,如下所示:

public override void Configure(Container container)
{
    //Register all Authentication methods you want to enable for this web app.            
    Plugins.Add(new AuthFeature(
        () => new CustomUserSession(), //Use your own typed Custom UserSession type
        new IAuthProvider[] {
            new CredentialsAuthProvider(),              //HTML Form post of UserName/Password credentials
            // and any other auth providers you need
        }));
}

然后,您可以在您创建的服务中将此数据公开给客户端。 SocialBotstrapApi provides access to the current session information on the server like this:将其用作模型来创建UserAuth服务,该服务仅返回当前用户的信息。

public abstract class AppServiceBase : Service {
    private CustomUserSession userSession;
    protected CustomUserSession UserSession {
        get {
            return base.SessionAs<CustomUserSession>();
        }
    }
}


[Route("/userauths")]
public class UserAuths
{
    public int[] Ids { get; set; }
}

public class UserAuthsResponse
{
    public UserAuthsResponse()
    {
        this.Users = new List<User>();
        this.UserAuths = new List<UserAuth>();
        this.OAuthProviders = new List<UserOAuthProvider>();
    }
    public CustomUserSession UserSession { get; set; }

    public List<User> Users { get; set; }

    public List<UserAuth> UserAuths { get; set; }

    public List<UserOAuthProvider> OAuthProviders { get; set; }
}

//Implementation. Can be called via any endpoint or format, see: http://servicestack.net/ServiceStack.Hello/
public class UserAuthsService : AppServiceBase
{
    public object Any(UserAuths request)
    {
        var response = new UserAuthsResponse {
            UserSession = base.UserSession,
            Users = Db.Select<User>(),
            UserAuths = Db.Select<UserAuth>(),
            OAuthProviders = Db.Select<UserOAuthProvider>(),
        };

        response.UserAuths.ForEach(x => x.PasswordHash = "[Redacted]");
        response.OAuthProviders.ForEach(x =>
            x.AccessToken = x.AccessTokenSecret = x.RequestTokenSecret = "[Redacted]");
        if (response.UserSession != null)
            response.UserSession.ProviderOAuthAccess.ForEach(x =>
            x.AccessToken = x.AccessTokenSecret = x.RequestTokenSecret = "[Redacted]");

        return response;
    }
}
相关问题
最新问题