我想在我的“身份”中保存一些东西。生成的cookie。我目前正在使用文档中的默认身份设置。
Startup.cs
services.Configure<IdentityOptions>(options =>
{
// User settings
options.User.RequireUniqueEmail = true;
// Cookie settings
options.Cookies.ApplicationCookie.AuthenticationScheme = "Cookies";
options.Cookies.ApplicationCookie.ExpireTimeSpan = TimeSpan.FromHours(1);
options.Cookies.ApplicationCookie.SlidingExpiration = true;
options.Cookies.ApplicationCookie.AutomaticAuthenticate = true;
options.Cookies.ApplicationCookie.LoginPath = "/Account";
options.Cookies.ApplicationCookie.LogoutPath = "/Account/Logout";
});
AccountController.cs
var result = await _signInManager.PasswordSignInAsync(user.UserName, model.Password, true, true);
if (result.Succeeded)
{
_logger.LogInformation(1, "User logged in.");
var tokens = new List<AuthenticationToken>
{
new AuthenticationToken {Name = "Test", Value = "Test"},
};
var info = await HttpContext.Authentication.GetAuthenticateInfoAsync("Cookies");
info.Properties.StoreTokens(tokens);
这似乎不起作用。因为还没有创建cookie。 &#39;信息&#39;变量是空的。
我可以使用CookieMiddleware&#39;
解决这个问题Startup.cs
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationScheme = "Cookies",
ExpireTimeSpan = TimeSpan.FromHours(1),
SlidingExpiration = true,
AutomaticAuthenticate = true,
LoginPath = "/Account",
LogoutPath = "/Account/Logout",
});
但是我需要使用
await HttpContext.Authentication.SignInAsync("Cookies", <userPrincipal>);
在这种情况下,我需要为自己建立一个“用户主”#39;而且我更愿意利用“身份识别”#39;对于这件事。
那么结合这个可能吗? 如果不是这种情况,我该如何以良好的方式生成声明原则。
无需映射&#39;每一个主张。
List<Claim> userClaims = new List<Claim>
{
new Claim("UserId", Convert.ToString(user.Id)),
new Claim(ClaimTypes.Name, user.UserName),
// TODO: Foreach over roles
};
ClaimsPrincipal principal = new ClaimsPrincipal(new ClaimsIdentity(userClaims));
await HttpContext.Authentication.SignInAsync("Cookies", principal);
类似于:
ClaimsPrincipal pricipal = new ClaimsPrincipal(user.Claims);
这不起作用,因为user.Claims的类型为IdentityUserClaim,而不是Security.Claims.Claim类型。
感谢阅读。 祝你有个美好的一天,
此致Brecht
答案 0 :(得分:3)
我设法解决了我的问题。
我写了'signInManager'中的相同功能。但是添加我自己的身份验证属性。
var result = await _signInManager.PasswordSignInAsync(user, model.Password, true, true);
if (result.Succeeded)
{
await AddTokensToCookie(user, model.Password);
return RedirectToLocal(returnUrl);
}
if (result.RequiresTwoFactor)
{
// Ommitted
}
if (result.IsLockedOut)
{
// Ommitted
}
实际上在cookie中保存某些内容(令牌)的代码:
private async Task AddTokensToCookie(ApplicationUser user, string password)
{
// Retrieve access_token & refresh_token
var disco = await DiscoveryClient.GetAsync(Environment.GetEnvironmentVariable("AUTHORITY_SERVER") ?? "http://localhost:5000");
if (disco.IsError)
{
_logger.LogError(disco.Error);
throw disco.Exception;
}
var tokenClient = new TokenClient(disco.TokenEndpoint, "client", "secret");
var tokenResponse = await tokenClient.RequestResourceOwnerPasswordAsync(user.Email, password, "offline_access api1");
var tokens = new List<AuthenticationToken>
{
new AuthenticationToken {Name = OpenIdConnectParameterNames.AccessToken, Value = tokenResponse.AccessToken},
new AuthenticationToken {Name = OpenIdConnectParameterNames.RefreshToken, Value = tokenResponse.RefreshToken}
};
var expiresAt = DateTime.UtcNow + TimeSpan.FromSeconds(tokenResponse.ExpiresIn);
tokens.Add(new AuthenticationToken
{
Name = "expires_at",
Value = expiresAt.ToString("o", CultureInfo.InvariantCulture)
});
// Store tokens in cookie
var prop = new AuthenticationProperties();
prop.StoreTokens(tokens);
prop.IsPersistent = true; // Remember me
await _signInManager.SignInAsync(user, prop);
}
最后4行代码是最重要的代码。