Question

我遇到让Authorize功能在控制器上工作的问题。我已将用户播种如下

protected override void Seed(WebApplication1.Models.ApplicationDbContext context)
    {
        var userStore = new UserStore<ApplicationUser>(context);
        var userManager = new UserManager<ApplicationUser>(userStore);

        if(!context.Users.Any(t => t.UserName == "markabarmi@hotmail.com"))
        {
            var user = new ApplicationUser { UserName = "markabarmi@hotmail.com", Email = "markabarmi@hotmail.com" };
            userManager.Create(user, "passw0d!");

            context.Roles.AddOrUpdate(r => r.Name, new IdentityRole { Name = "Admin" });
            context.SaveChanges();
            userManager.AddToRole(user.Id, "Admin");
        }

    }

由此我可以登录标准的MVC5应用程序。但是当我希望将Authorize放到控制器或ActionResult上时，登录将失败并且我获得无效的登录尝试。这是家庭控制器，我添加了授权。

public class HomeController : Controller
{
    public ActionResult Index()
    {
        return View();
    }
    //[Authorize(Roles = "Admin")]
    public ActionResult About()
    {
        ViewBag.Message = "Your application description page.";

        return View();
    }

    public ActionResult Contact()
    {
        ViewBag.Message = "Your contact page.";

        return View();
    }
}

如果有人可以帮助我:)谢谢

Answer 1

不确定为什么你没有使用RoleManager，因为你有UserManager部分，但这对我有用。 AddToRole（）会自己保存，所以不需要context.SaveChanges（）：

        var roleStore = new RoleStore<IdentityRole>(context);
        var roleManager = new RoleManager<IdentityRole>(roleStore);
        var userStore = new UserStore<ApplicationUser>(context);
        var userManager = new UserManager<ApplicationUser>(userStore);

        if (!context.Roles.Any())
        {
            // Add missing roles
            var role = roleManager.FindByName("Admin");
            if (role == null)
            {
                role = new IdentityRole("Admin");
                roleManager.Create(role);
            }
            role = roleManager.FindByName("DataEntry");
            if (role == null)
            {
                role = new IdentityRole("DataEntry");
                roleManager.Create(role);
            }
            role = roleManager.FindByName("Limited");
            if (role == null)
            {
                role = new IdentityRole("Limited");
                roleManager.Create(role);
            }
        }

        if (!context.Users.Any())
        {
            var user = userManager.FindByName("admin");
            if (user == null)
            {
                var newUser = new ApplicationUser()
                {
                    UserName = "admin",
                    FirstName = "Admin",
                    LastName = "User",
                    Email = "xxx@xxx.net",
                    PhoneNumber = "5556667777",
                    MustChangePassword = false
                };
                userManager.Create(newUser, "Password1");
                userManager.SetLockoutEnabled(newUser.Id, false);
                userManager.AddToRole(newUser.Id, "Admin");
            }
      }

MVC授权不在种子用户

1 个答案: