Why does the ASP.NET SPA template instantiate UserManager once for all requests?

后端 未结 1 1480
轻奢々
轻奢々 2021-01-03 03:59

I\'m using the VS2013 ASP.NET SPA template as a starting point for my web application which uses the new ASP.NET identity framework. This is from the template:



        
1条回答
  •  攒了一身酷
    2021-01-03 04:04

    So the pattern should be one UserManager and one DbContext per request. In the 2.0-alpha1 release, we tried to make this easier by adding some new Identity Middleware that takes care of both of these things:

    We are working on an updated samples package that demonstrates these, but in the meantime

    You can add the following your IdentityModels.cs/Startup.Auth.cs with the new packages:

    public class ApplicationUser : IdentityUser
    {
        public async Task GenerateUserIdentityAsync(UserManager manager)
        {
            // Note the authenticationType must match the one defined in CookieAuthenticationOptions.AuthenticationType
            var userIdentity = await manager.CreateIdentityAsync(this, DefaultAuthenticationTypes.ApplicationCookie);
            // Add custom user claims here
            return userIdentity;
        }
    }
    
    public class ApplicationDbContext : IdentityDbContext
    {
        public ApplicationDbContext()
            : base("DefaultConnection")
        {
        }
    
        public static ApplicationDbContext Create() {
            return new ApplicationDbContext();
        }
    }
    
    public class ApplicationUserManager : UserManager {
        // Configure the application user manager
        public ApplicationUserManager(IUserStore store) : base(store) {
        }
    
        public static ApplicationUserManager Create(IdentityFactoryOptions options) {
            var manager = new ApplicationUserManager(new UserStore(options.Context.GetDbContext()));
            //var manager = new ApplicationUserManager(new AzureStore());
            manager.UserValidator = new UserValidator(manager) {
                AllowOnlyAlphanumericUserNames = false,
                RequireUniqueEmail = true
            };
            manager.PasswordValidator = new MinimumLengthValidator(6);
            var dataProtectionProvider = options.DataProtectionProvider;
            if (dataProtectionProvider != null) {
                manager.PasswordResetTokens = new DataProtectorTokenProvider(dataProtectionProvider.Create("PasswordReset"));
                manager.UserConfirmationTokens = new DataProtectorTokenProvider(dataProtectionProvider.Create("ConfirmUser"));
            }
            return manager;
        }
    }
    
    public static class OwinExtensions {
        public static IAppBuilder UseDbContextFactory(this IAppBuilder app, Func createCallback) {
            if (app == null) {
                throw new ArgumentNullException("app");
            }
            if (createCallback == null) {
                throw new ArgumentNullException("createCallback");
            }
    
            app.Use(typeof(IdentityFactoryMiddleware>), 
                new IdentityFactoryOptions() { 
                    Provider = new IdentityFactoryProvider() {
                        OnCreate = (options) => createCallback()
                    }
                });
            return app;
        }
    
        public static DbContext GetDbContext(this IOwinContext context) {
            if (context == null) {
                throw new ArgumentNullException("context");
            }
            return context.Get();
        }
    }
    

    And the following goes into Startup.Auth.cs:

        public void ConfigureAuth(IAppBuilder app) {
            // Configure the db context and user manager to use per request
            app.UseDbContextFactory(ApplicationDbContext.Create);
            app.UseUserManagerFactory(new IdentityFactoryOptions() {
                DataProtectionProvider = app.GetDataProtectionProvider(),
                Provider = new IdentityFactoryProvider() {
                    OnCreate = ApplicationUserManager.Create
                }
            });
    
            // Enable the application to use a cookie to store information for the signed in user
            // and to use a cookie to temporarily store information about a user logging in with a third party login provider
            // Configure the sign in cookie
            app.UseCookieAuthentication(new CookieAuthenticationOptions {
                AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
                LoginPath = new PathString("/Account/Login"),
                Provider = new CookieAuthenticationProvider {
                    OnValidateIdentity = SecurityStampValidator.OnValidateIdentity(
                        validateInterval: TimeSpan.FromSeconds(5),
                        regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
                }
            });
            app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
    

    0 讨论(0)
提交回复
热议问题