我刚刚开始使用OWIN和ASP.net身份。这就是我登录用户的方式:
ClaimsIdentity identity = new ClaimsIdentity(
new Claim[] {
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
new Claim(ClaimTypes.Name, user.Username),
new Claim(ClaimTypes.Email, user.Email),
new Claim(ClaimTypes.GivenName, user.FirstName),
new Claim(ClaimTypes.Surname, user.LastName),
}, "ApplicationCookie");
foreach(Role role in user.Roles)
{
identity.AddClaim(new Claim(ClaimTypes.Role, role.Name));
}
var owinContext = Request.GetOwinContext();
var authManager = owinContext.Authentication;
authManager.SignIn(new AuthenticationProperties() { IsPersistent = model.RememberMe }, identity);
这有效,角色都正确连线。我的问题是:如果用户登录并拥有一组角色,那么他们的角色会在系统中更新(可能由系统管理员更新),您如何使用户的身份验证cookie无效并重新填充?< / p>
答案 0 :(得分:3)
在Startup.cs文件中,您可以注册CookieAuthenticationProvider,该app.UseCookieAuthentication(new CookieAuthenticationOptions
{
Provider = new CookieAuthenticationProvider
{
OnValidateIdentity = SecurityStampValidator
.OnValidateIdentity<UserManager, ApplicationUser, int>(
validateInterval: TimeSpan.FromMinutes(30),
regenerateIdentityCallback: (manager, user) => user.GenerateUserIdentityAsync(manager)
}
});
将在一段时间后为用户失效并重新生成新的Cookie
{{1}}