Asp.net web api 如何在asp.net web api 2中自定义我自己的一组表的身份验证?
在创建的默认AccountController中,我看到Asp.net web api 如何在asp.net web api 2中自定义我自己的一组表的身份验证?,asp.net-web-api,asp.net-identity,Asp.net Web Api,Asp.net Identity,在创建的默认AccountController中,我看到 public AccountController() : this(Startup.UserManagerFactory(), Startup.OAuthOptions.AccessTokenFormat) { } 在Startup.Auth.cs中,我看到了 UserManagerFactory = () => new UserManager<
public AccountController()
: this(Startup.UserManagerFactory(), Startup.OAuthOptions.AccessTokenFormat)
{
}
在Startup.Auth.cs中,我看到了
UserManagerFactory = () =>
new UserManager<IdentityUser>(new UserStore<IdentityUser>());
UserManagerFactory=()=>
新建UserManager(新建UserStore());
似乎UserStore的实现来自Microsoft.AspNet.Identity.EntityFramework
因此,要定制身份验证,我必须实现自己的UserStore版本吗
class MYSTUFFUserStore<IdentityUser> : UserStore<IdentityUser>
{
}
类MYSTUFFUserStore:UserStore
{
}
并重写这些方法,然后在Startup.Auth.cs中执行此操作
UserManagerFactory = () =>
new UserManager<IdentityUser>(new MYSTUFFUserStore<IdentityUser>());
UserManagerFactory=()=>
新的用户管理器(新的mystufuserstore());
我正在寻找一种自定义身份验证的正确方法。假设您的表名为
AppUser
,将您自己的AppUser
域对象转换为IUser(使用Microsoft.AspNet.Identity)
,如下所示
using Microsoft.AspNet.Identity;
public class AppUser : IUser
{
//Existing database fields
public long AppUserId { get; set; }
public string AppUserName { get; set; }
public string AppPassword { get; set; }
public AppUser()
{
this.Id = Guid.NewGuid().ToString();
}
[Ignore]
public virtual string Id { get; set; }
[Ignore]
public string UserName
{
get
{
return AppUserName;
}
set
{
AppUserName = value;
}
}
}
using Microsoft.AspNet.Identity;
public class UserStoreService
: IUserStore<AppUser>, IUserPasswordStore<AppUser>
{
CompanyDbContext context = new CompanyDbContext();
public Task CreateAsync(AppUser user)
{
throw new NotImplementedException();
}
public Task DeleteAsync(AppUser user)
{
throw new NotImplementedException();
}
public Task<AppUser> FindByIdAsync(string userId)
{
throw new NotImplementedException();
}
public Task<AppUser> FindByNameAsync(string userName)
{
Task<AppUser> task = context.AppUsers.Where(
apu => apu.AppUserName == userName)
.FirstOrDefaultAsync();
return task;
}
public Task UpdateAsync(AppUser user)
{
throw new NotImplementedException();
}
public void Dispose()
{
context.Dispose();
}
public Task<string> GetPasswordHashAsync(AppUser user)
{
if (user == null)
{
throw new ArgumentNullException("user");
}
return Task.FromResult(user.AppPassword);
}
public Task<bool> HasPasswordAsync(AppUser user)
{
return Task.FromResult(user.AppPassword != null);
}
public Task SetPasswordHashAsync(AppUser user, string passwordHash)
{
throw new NotImplementedException();
}
}
像这样实现UserStore
对象
using Microsoft.AspNet.Identity;
public class AppUser : IUser
{
//Existing database fields
public long AppUserId { get; set; }
public string AppUserName { get; set; }
public string AppPassword { get; set; }
public AppUser()
{
this.Id = Guid.NewGuid().ToString();
}
[Ignore]
public virtual string Id { get; set; }
[Ignore]
public string UserName
{
get
{
return AppUserName;
}
set
{
AppUserName = value;
}
}
}
using Microsoft.AspNet.Identity;
public class UserStoreService
: IUserStore<AppUser>, IUserPasswordStore<AppUser>
{
CompanyDbContext context = new CompanyDbContext();
public Task CreateAsync(AppUser user)
{
throw new NotImplementedException();
}
public Task DeleteAsync(AppUser user)
{
throw new NotImplementedException();
}
public Task<AppUser> FindByIdAsync(string userId)
{
throw new NotImplementedException();
}
public Task<AppUser> FindByNameAsync(string userName)
{
Task<AppUser> task = context.AppUsers.Where(
apu => apu.AppUserName == userName)
.FirstOrDefaultAsync();
return task;
}
public Task UpdateAsync(AppUser user)
{
throw new NotImplementedException();
}
public void Dispose()
{
context.Dispose();
}
public Task<string> GetPasswordHashAsync(AppUser user)
{
if (user == null)
{
throw new ArgumentNullException("user");
}
return Task.FromResult(user.AppPassword);
}
public Task<bool> HasPasswordAsync(AppUser user)
{
return Task.FromResult(user.AppPassword != null);
}
public Task SetPasswordHashAsync(AppUser user, string passwordHash)
{
throw new NotImplementedException();
}
}
在Startup.Auth.cs中替换
UserManagerFactory = () =>
new UserManager<IdentityUser>(new UserStore<IdentityUser>());
UserManagerFactory=()=>
新建UserManager(新建UserStore());
与
UserManagerFactory=()=>
new UserManager(new UserStoreService()){PasswordHasher=new MyPasswordHasher()};
在ApplicationAuthProvider.cs
中,将IdentityUser
替换为AppUser
在
AccountController.cs
中,将IdentityUser
替换为AppUser
,并删除所有外部身份验证方法,如GetManageInfo
和RegisterExternal
等。感谢您的回答,但是如何从另一个控制器获取当前请求的AppUser
?User.Identity.Name
将在经过身份验证的请求中提供用户名。Sunil,你能解释一下为什么自定义类“AppUser”需要输入内置接口“IUser”?@Thomas.Benz这是我发现有用的一篇文章中的一个片段:“Microsoft.AspNet.Identity.UserManager,其中T:IUser此类允许创建、删除和查找用户以及创建标识。身份是为用户创建的,可用于做出授权和身份验证决策。”这里的想法是使用ASP.NET身份的一些/大部分内置功能,然后用自定义实现覆盖/替换您需要的内容-至少感谢Sunil的回答,我在这里做到了这一点