C# Web API和Angular 5令牌身份验证-登录后获取用户信息
当我访问angular应用程序时,我得到以下信息:C# Web API和Angular 5令牌身份验证-登录后获取用户信息,c#,angular,authentication,asp.net-web-api,token,C#,Angular,Authentication,Asp.net Web Api,Token,当我访问angular应用程序时,我得到以下信息: access_token:"******************" expires_in:59 refresh_token:"******************" token_type:"bearer" 但是现在我想使用登录用户的信息。我的问题是我不能,因为我没有令牌信息之间的用户id 这是我从API的c#登录: //Varifying user credentials public bool Login(string userNa
access_token:"******************"
expires_in:59
refresh_token:"******************"
token_type:"bearer"
但是现在我想使用登录用户的信息。我的问题是我不能,因为我没有令牌信息之间的用户id
这是我从API的c#登录:
//Varifying user credentials
public bool Login(string userName, string password)
{
try
{
ServiceContext db = new ServiceContext();
var userInfo = db.Users.Where(x => x.Username == userName).FirstOrDefault();
if (userInfo != null)
{
string stringPwd = Encoding.ASCII.GetString(userInfo.Password);
return stringPwd == password;
}
else
{
return false;
}
}
catch (Exception ex)
{
return false;
}
}
这是Angular应用程序提供的我的身份验证服务:
@Injectable()
export class AuthenticationService {
constructor(private http: HttpClient) { }
login(username: string, password: string) {
var data = "grant_type=password" + "&username=" + username + "&password=" + password;
var reqHeader = new HttpHeaders({ 'Content-Type': 'application/x-www-urlencoded','No-Auth':'True' });
return this.http.post<any>(`${environment.apiUrl}/token`, data, { headers: reqHeader })
.pipe(map(user => {
// login successful if there's a jwt token in the response
if (user && user.access_token) {
// store user details and jwt token in local storage to keep user logged in between page refreshes
localStorage.setItem('currentUser', JSON.stringify(user));
}
return user;
}));
}
我想显示用于登录的用户名。有人能帮帮我,给我一些建议吗
提前感谢通常
登录
操作之后应该是/me
请求,它从标题读取令牌并返回用户对象。
登录/注册路由应该只返回令牌数据,这是正确的,但
/me
将解码令牌(如果您在令牌中包含用户数据),或者它将通过用户在数据库中的令牌搜索用户 修改您的GrantResourceOwnerCredentials
方法,如下所示
您需要使用AuthenticationProperties
,以便可以在令牌数据中添加更多参数
而AuthenticationTicket
会将您添加的参数绑定到您的令牌数据,并且您将在应用程序中访问这些数据
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
var identity = new ClaimsIdentity(context.Options.AuthenticationType);
Accounts acc = new Accounts();
//Authenticate the user credentials
if (acc.Login(context.UserName, context.Password))
{
//If you want to display user's firstname, lastname, or picture then
//The below method is for getting user from database by its username
var user = acc.GetUserByUsername(context.UserName);
string firstName = user.FirstName;
string lastName = user.LastName;
identity.AddClaim(new Claim(ClaimTypes.Role, acc.GetUserRole(context.UserName)));
identity.AddClaim(new Claim("username", context.UserName));
identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
var props = new AuthenticationProperties(new Dictionary<string, string>
{
{
"userName", context.UserName
},
{
"firstName", firstName
},
{
"lastName", lastName
}
});
var ticket = new AuthenticationTicket(identity, props);
context.Validated(ticket);
}
else
{
context.SetError("invalid_grant", "Provided username and password is incorrect");
return;
}
}
输出:
access_token:"******************"
expires_in:59
refresh_token:"******************"
token_type:"bearer",
firstName: "Abc",
lastName: "Pqr",
userName: "Xyz"
您需要在
GrantResourceOwnerCredentials
方法中传递用户名和令牌数据我已经发布了我的GrantResourceOwnerCredentials。有用户名信息,但我如何在angular app上使用?@Tky17,查看答案可能对您有帮助:)我尝试了您的解决方案,但我的令牌信息始终相同..没有用户信息(我复制并通过您发布的代码,并在我的帐户类上添加GetUserByUsername函数)。尝试以相同的方法添加断点,并观察var ticket=newauthenticationticket(标识、道具)代码>属性。你在里面得到了道具吗?或者在这里复制您的道具
valuestry,用Postman中发布的数据调用您的/token
url,并告诉我您将获得什么。我会在一小时内回来:)我尝试了邮递员和我的结果:“访问令牌”:“令牌类型”:“持有者”,“过期令牌”:59,“刷新令牌”:“但通过断点,票证有用户信息
public override Task TokenEndpoint(OAuthTokenEndpointContext context)
{
foreach (KeyValuePair<string, string> property in context.Properties.Dictionary)
{
context.AdditionalResponseParameters.Add(property.Key, property.Value);
}
return Task.FromResult<object>(null);
}
access_token:"******************"
expires_in:59
refresh_token:"******************"
token_type:"bearer",
firstName: "Abc",
lastName: "Pqr",
userName: "Xyz"