asp网络身份EF

时间:2014-12-04 10:03:04

标签: c# asp.net asp.net-mvc asp.net-identity

我在asp .net标识中遇到“缓存”问题,当我更改密码,名称,任何声明时,我必须重新启动应用程序以验证更改。

我在SecurityContext中有这个

public class SecurityContext : IdentityDbContext<IdentityUser>
{
    public SecurityContext()
        : base("Db")
    {
    }

    protected override void OnModelCreating(DbModelBuilder modelBuilder)
    {
        modelBuilder.HasDefaultSchema("security");

        base.OnModelCreating(modelBuilder);

        modelBuilder.Entity<IdentityUser>()
            .ToTable("_Users");
        modelBuilder.Entity<IdentityRole>()
            .ToTable("_Roles");
        modelBuilder.Entity<IdentityUserRole>()
            .ToTable("_UsersRoles");
        modelBuilder.Entity<IdentityUserClaim>()
            .ToTable("_UsersClaims");
        modelBuilder.Entity<IdentityUserLogin>()
            .ToTable("_UsersLogins");
    }
}

登录:

public class ApplicationOAuthProvider : OAuthAuthorizationServerProvider
{
    private readonly string _PublicClientId;
    private readonly Func<UserManager<IdentityUser>> _UserManagerFactory;
    private readonly Func<RoleManager<IdentityRole>> _RoleManagerFactory;

    #region Constructors
    public ApplicationOAuthProvider(string publicClientId,
        Func<UserManager<IdentityUser>> userManagerFactory,
        Func<RoleManager<IdentityRole>> roleManagerFactory
        )
    {
        if (publicClientId == null)
            throw new ArgumentNullException("publicClientId");
        _PublicClientId = publicClientId;

        if (userManagerFactory == null)
            throw new ArgumentNullException("userManagerFactory");
        _UserManagerFactory = userManagerFactory;

        if (roleManagerFactory == null)
            throw new ArgumentNullException("roleManagerFactory");
        _RoleManagerFactory = roleManagerFactory;

    }
    #endregion Constructors

    #region GrantResourceOwnerCredentials
    public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
    {
        using (var userManager = _UserManagerFactory())
        {
            using (var roleManager = _RoleManagerFactory())
            {
                var user = await userManager.FindAsync(context.UserName, context.Password);
                if (user == null)
                {
                    context.SetError("invalid_grant", "The user name or password is incorrect.");
                    return;
                }
                // Start Login success
                var oAuthIdentity = await userManager.CreateIdentityAsync(user, context.Options.AuthenticationType);
                var cookiesIdentity = await userManager.CreateIdentityAsync(user, CookieAuthenticationDefaults.AuthenticationType);
                // Claims
                cookiesIdentity.AddClaim(new Claim(XpClaimTypes.Application, _SessionData.ApplicationName));
                // Properties
                var properties = CreateProperties(user, roleManager);
                var ticket = new AuthenticationTicket(oAuthIdentity, properties);
                context.Validated(ticket);
                context.Request.Context.Authentication.SignIn(cookiesIdentity);
                // End Login success
            }
        }
    }
    #endregion GrantResourceOwnerCredentials
}

避免使用其他方法

例如changePassword的方法:

    #region Password
    [HttpPut]
    [Authorize(Roles = AccountRoles.Superadministrador + "," + AccountRoles.Administrador)]
    public async Task<IHttpActionResult> Password(SetPasswordBindingModel model)
    {
        if (!ModelState.IsValid)
            return BadRequest(ModelState);

        var identity = await UserManager.FindByNameAsync((Thread.CurrentPrincipal.Identity as ClaimsIdentity).Name);
        var user = await UserManager.FindByIdAsync(model.Id);

        if (!(
            (identity.Roles.Any(x => x.Role.Name == AccountRoles.Superadministrador) && user.Roles.Any(x => x.Role.Name == AccountRoles.Administrador)) ||
            (identity.Roles.Any(x => x.Role.Name == AccountRoles.Administrador) && user.Roles.Any(x => x.Role.Name == AccountRoles.Usuario))
        ))
            throw new AuthenticationException();

        // Delete password
        {
            var result = await UserManager.RemovePasswordAsync(model.Id);
            var errorResult = GetErrorResult(result);
            if (errorResult != null)
                return errorResult;
        }

        // Add password
        {
            var result = await UserManager.AddPasswordAsync(model.Id, model.Password);
            var errorResult = GetErrorResult(result);
            if (errorResult != null)
                return errorResult;
        }

        return Ok();
    }
    #endregion Password

我遵循的步骤是:

  • 登录申请
  • 更改密码
  • 退出申请
  • 使用新密码登录(在表格中更改,更改正确)
  • 密码错误
  • 使用旧密码登录(表中的旧密码不存在)
  • 登录成功
  • 重新启动应用程序
  • 现在新密码有效

当我更改asp .net identity

的BBDD中的任何值时,会出现同样的问题

有什么想法吗?

谢谢!

1 个答案:

答案 0 :(得分:1)

如果我没记错的话,我会添加相同的问题,因为其中一个上下文被持久化而另一个上下文重新创建。

如果你检查一个,那么数据库中没有正确的值,可能是ApplicationOAuthProvider

尝试为ApplicationOAuthProvider上的每次通话重新创建上下文。