我的应用程序中有两个登录页面。
这两个登录页面的用户分别由不同的数据库表管理。
我正在使用基于声明(Claims)的方式登录。
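// Builds a claims principal for an admin user and signs it in with the cookie scheme.
// NOTE(review): `user` is a freshly constructed view model here; presumably it stands in
// for the admin record that was loaded and whose password was verified — confirm in the caller.
var user = new AdminUserViewModel();

// create claims for user's username
var claims = new List<Claim>();
if (!string.IsNullOrEmpty(user.UserName))
{
    // The issuer argument ("Admin") tags every claim with the login that produced it.
    claims.Add(new Claim(ClaimTypes.Name, user.UserName, ClaimValueTypes.String, "Admin"));
    claims.Add(new Claim("UserId", user.AdminUserId.ToString(), ClaimValueTypes.Integer64, "Admin"));

    // NOTE(review): the serialized permission list travels inside the authentication cookie.
    // It enlarges the cookie with every permission, and the claim keeps the values it was issued
    // with, so a permission revoked later stays in the claim until the user signs in again.
    // Consider keeping only the user id here and resolving permissions server-side.
    claims.Add(new Claim("AdminUserPermissionMapping", JsonConvert.SerializeObject(user.AdminUserPermissions), ClaimValueTypes.String, "Admin"));
}

// create principal for the current authentication scheme
// NOTE(review): a ClaimsIdentity created with a non-empty authentication type reports
// IsAuthenticated == true even when `claims` is empty, so an empty UserName still yields a
// signed-in principal. Reject that case before reaching this point.
var userIdentity = new ClaimsIdentity(claims, "Authentication");
var userPrincipal = new ClaimsPrincipal(userIdentity);

// set value indicating whether session is persisted and the time at which the authentication was issued
var authenticationProperties = new AuthenticationProperties
{
    IsPersistent = isPersistent,
    // The property is expressed in UTC, so take the UTC clock rather than local time.
    IssuedUtc = DateTimeOffset.UtcNow
};

// sign in
// await httpContextAccessor.HttpContext.SignInAsync(WebAuthenticationDefaults.AuthenticationScheme, userPrincipal, authenticationProperties);
await httpContextAccessor.HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, userPrincipal, authenticationProperties);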
答案 0 :(得分:0)
创建自定义AuthorizeAttribute。
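/// <summary>
/// Authorization filter for applications with two separate logins (admin and subscriber).
/// The scheme declared on the controller decides which claim the signed-in user must carry:
/// an "Admin"-issued <c>UserId</c> claim or a "Subscriber"-issued <c>SubscriberId</c> claim.
/// </summary>
/// <remarks>
/// The required claim is chosen from the declared scheme alone. The request path is used only
/// to pick the login page for anonymous users, so a controller declared with the admin scheme
/// cannot be reached with a subscriber identity merely because it is routed outside "/admin".
/// </remarks>
[AttributeUsage(AttributeTargets.Class)]
public sealed class ILGAuthorizeAttribute : Attribute, IAuthorizationFilter
{
    private readonly ILGAuthorizeScheme _AuthenticationScheme;

    /// <summary>Creates the filter for the given login scheme.</summary>
    /// <param name="AuthenticationScheme">The login whose claims the decorated controller requires.</param>
    public ILGAuthorizeAttribute(ILGAuthorizeScheme AuthenticationScheme)
    {
        _AuthenticationScheme = AuthenticationScheme;
    }

    /// <summary>
    /// Lets the request continue when the user carries the claim required by the declared scheme;
    /// otherwise sets <see cref="AuthorizationFilterContext.Result"/> to a redirect.
    /// </summary>
    /// <param name="filterContext">The authorization context of the current request.</param>
    /// <exception cref="ArgumentNullException"><paramref name="filterContext"/> is null.</exception>
    public void OnAuthorization(AuthorizationFilterContext filterContext)
    {
        // Validate before the first dereference; the original null check came after the context was already used.
        if (filterContext == null)
        {
            throw new ArgumentNullException(nameof(filterContext));
        }

        // Actions explicitly marked [AllowAnonymous] bypass this filter.
        var controllerActionDescriptor = filterContext.ActionDescriptor as ControllerActionDescriptor;
        if (controllerActionDescriptor != null)
        {
            var actionAttributes = controllerActionDescriptor.MethodInfo.GetCustomAttributes(inherit: true);
            if (actionAttributes.Any(x => x is AllowAnonymousAttribute))
            {
                return;
            }
        }

        // Ordinal comparisons: ToLower() is culture-sensitive, so the result of an
        // authorization decision could otherwise depend on the server's current culture.
        string url = filterContext.HttpContext.Request.Path;
        bool isAdminPath = url.StartsWith("/admin", StringComparison.OrdinalIgnoreCase);
        bool isAdminScheme = string.Equals(_AuthenticationScheme.ToString(), "admin", StringComparison.OrdinalIgnoreCase);

        var principal = filterContext.HttpContext.User;
        if (principal?.Identity?.IsAuthenticated != true)
        {
            // Anonymous request: send the user to the login page that matches the requested area.
            filterContext.Result = isAdminPath
                ? new RedirectToRouteResult(new RouteValueDictionary(new { area = "Admin", controller = "Account", action = "Login" }))
                : new RedirectToRouteResult(new RouteValueDictionary(new { area = "", controller = "Account", action = "CreateUsernamePassword" }));
            return;
        }

        if (isAdminScheme)
        {
            // Admin controllers require a UserId claim issued by the admin login.
            var authenticateAdminResult = principal.Claims.FirstOrDefault(claim =>
                claim.Type == "UserId" && string.Equals(claim.Issuer, "Admin", StringComparison.OrdinalIgnoreCase));
            if (authenticateAdminResult == null)
            {
                filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary(new { area = "", controller = "Home", action = "Index" }));
            }
        }
        else
        {
            // Every other scheme requires a SubscriberId claim issued by the subscriber login.
            var authenticateSubscriberResult = principal.Claims.FirstOrDefault(claim =>
                claim.Type == "SubscriberId" && string.Equals(claim.Issuer, "Subscriber", StringComparison.OrdinalIgnoreCase));
            if (authenticateSubscriberResult == null)
            {
                filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary(new { area = "Admin", controller = "Home", action = "Index" }));
            }
        }
    }
}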