ASP.NET Identity and Claims

后端 未结 2 1233
名媛妹妹
名媛妹妹 2021-01-29 22:26

I am trying to move away from WebForms and learn MVC, specifically using the new ASP.NET Identity model. However, I cant seem to find any formal documentation from Microsoft, th

相关标签:
2条回答
  • 2021-01-29 23:11

    Regarding Asp.Net Identity, I would strongly recommend Brock Allen's implementation, called 'Identity Reboot'. Identity Reboot basically is a set of extensions to the ASP.NET Identity. It was inspired due to frustrations with the ASP.NET Identity implementation.

    You can read an introductory article here. You can download source code and samples from github here.

    You can install it using nuget:

    www.nuget.org/packages/BrockAllen.IdentityReboot/
    www.nuget.org/packages/BrockAllen.IdentityReboot.Ef/   (for entity framework)
    
    0 讨论(0)
  • 2021-01-29 23:14

    Honestly, I'm still learning the ropes with Identity, myself. Admittedly, the Microsoft provided documentation could be better, but I've never found any of their documentation all that helpful. The best stuff always comes from the community, and unfortunately, Identity is still so new that the community has had time to really flesh it out yet.

    That said, here's what I know, with the understanding that there may be better ways that I'm simply not aware of, yet.

    Claims

    Your UserManager has three methods of significance: GetClaimsAsync, AddClaimAsync and RemoveClaimAsync.

    To get all claims for a user:

    var claims = await UserManager.GetClaimsAsync(userId);
    

    You can get the current user's id with:

    var userId = User.Identity.GetUserId();
    

    Once you have the claims, to pull out a specific one:

    var someClaim = claims.FirstOrDefault(c => c.Type == "SomeClaimType");
    

    Where "SomeClaimType" is the name of the claim as it was added. In some scenarios this might be a fully qualified URN, or it may just be a simple string. If it's not something you personally added, the best thing to do is just inspect the claims variable during a debug session to see what you actually have there.

    Also, since the list of claims is a queryable, you can pretty much do whatever LINQ query you want on it, Where, Count, etc.

    To add a new claim:

    await UserManager.AddClaimAsync(userId, new Claim("SomeClaimType", claimValue));
    

    And to remove a claim:

    await UserManager.RemoveClaimAsync(userId, someClaim);
    

    Roles

    Roles work in a similar way. To get all roles for a user:

    var roles = await UserManager.GetRolesAsync(userId);
    

    To see if a user is in a particular role:

    var hasRole = await UserManager.IsInRoleAsync(userId, "SomeRole");
    

    To add a user to a particular role:

    await UserManager.AddToRoleAsync(userId, "SomeRole");
    

    And to remove:

    await UserManager.RemoveFromRoleAsync(userId, "SomeRole");
    

    Adding the roles in the first place is a bit different; you have to create an instance of RoleStore.

    var roleStore = new RoleStore<IdentityRole>(context);
    

    Then, you can use that to manage all roles. For example, to create a new role:

    await roleStore.CreateAsync(new IdentityRole("RoleName"));
    

    To remove:

    var identityRole = await roleStore.FindByNameAsync("RoleName");
    await roleStore.DeleteAsync(identityRole);
    

    Getting all roles, is not possible with the Identity-specific API at this time, but you can always fall back to querying with Entity Framework directly:

    var allRoles = context.Roles.OrderBy(o => o.Name);
    
    0 讨论(0)
提交回复
热议问题