C# Blazor Webassembly UserIsInRole始终为false
我试图通过与api对话来测试blazor webassembly身份验证。我的用户已通过身份验证,我可以搜索声明并获取角色,但我无法获取user.IsInRole返回除false以外的任何内容 这是一个简单的验证身份的页面,我试图按照IAmTimCorey的教程,但我似乎错过了一些东西C# Blazor Webassembly UserIsInRole始终为false,c#,.net-core,jwt,dapper,blazor-webassembly,C#,.net Core,Jwt,Dapper,Blazor Webassembly,我试图通过与api对话来测试blazor webassembly身份验证。我的用户已通过身份验证,我可以搜索声明并获取角色,但我无法获取user.IsInRole返回除false以外的任何内容 这是一个简单的验证身份的页面,我试图按照IAmTimCorey的教程,但我似乎错过了一些东西 @page "/verifyauth" <h3>Verify Auth</h3> @if (isAuthenticated) { <h4>@userNa
@page "/verifyauth"
<h3>Verify Auth</h3>
@if (isAuthenticated)
{
<h4>@userName is authenticated</h4>
<ul>
<li>Access to Admin Role: @isAdmin</li>
<li>Access to Cashier Role: @isCashier</li>
<li>Access to Manager Role: @isManager</li>
</ul>
}
else
{
<h4>The user is not authenticated</h4>
}
@code {
[CascadingParameter]
public Task<AuthenticationState> AuthState { get; set; }
private bool isAuthenticated = false;
private string userName;
private bool isAdmin = false;
private bool isCashier = false;
private bool isManager = false;
protected override async Task OnInitializedAsync()
{
var authState = await AuthState;
if (authState.User.Identity.IsAuthenticated) //This works and correctly verifies that I am authenticated
{
isAuthenticated = true;
var claimsIdentity = authState.User.Identity as System.Security.Claims.ClaimsIdentity; //Setting up the current work around
userName = claimsIdentity.Claims.FirstOrDefault(c => c.Type == "unique_name").Value; //This correctly gets the user name
var role = claimsIdentity.Claims.FirstOrDefault(c => c.Type == "role").Value; //This correctly gets the role type "Admin"
var test = authState.User.FindFirst(ClaimTypes.Name); // This returns null
isAdmin = authState.User.IsInRole("Admin"); //false this is the only one that should return true
isCashier = authState.User.IsInRole("Cashier"); //false
isManager = authState.User.IsInRole("Manager"); //false
}
}
}
我找到了这行代码
var test = authState.User.FindFirst(ClaimTypes.Name);
如果我把它改成,它就会工作
var test = authState.User.FindFirst("Name");
这是我的认证方法
public string Authenticate(DataUserNoPasswordModel user)
{
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_tokenKey);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.Name, user.FirstAndLastName),
new Claim(ClaimTypes.Role, user.RoleName)
}),
Expires = DateTime.UtcNow.AddHours(12),
SigningCredentials = new SigningCredentials(
new SymmetricSecurityKey(key),
SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
return tokenHandler.WriteToken(token);
//return tokenDescriptor;
}
TimCo Retail教程将本地存储用于身份验证状态,您是否尝试清除浏览器缓存以验证未为用户存储旧角色?是的,我有。我在他的youtube视频上发表了评论,他说看看我的API。我将对此进行调查,看看这是否是问题所在。但是当我查看浏览器缓存时,我只看到令牌。我也应该看到其中的角色吗?你能发布你的API脚本吗?还请为其添加上下文,以便其他没有看过Tim视频的人也可以提供帮助
var test = authState.User.FindFirst("Name");
public string Authenticate(DataUserNoPasswordModel user)
{
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_tokenKey);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.Name, user.FirstAndLastName),
new Claim(ClaimTypes.Role, user.RoleName)
}),
Expires = DateTime.UtcNow.AddHours(12),
SigningCredentials = new SigningCredentials(
new SymmetricSecurityKey(key),
SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
return tokenHandler.WriteToken(token);
//return tokenDescriptor;
}