C# 检查用户';使用aspnet标识登录期间的角色
我正在开发asp.net应用程序。我有一个包含4个角色的aspnetroles表:C# 检查用户';使用aspnet标识登录期间的角色,c#,asp.net,C#,Asp.net,我正在开发asp.net应用程序。我有一个包含4个角色的aspnetroles表: **Id Name** 1 Admin 4 Consumer 2 Provider 3 SaleUser 在AccountController注册操作方法中,我添加了以下内容: var user = new ApplicationUser { UserName = model.Email, Email = model.Email}; var result
**Id Name**
1 Admin
4 Consumer
2 Provider
3 SaleUser
在AccountController注册操作方法中,我添加了以下内容:
var user = new ApplicationUser { UserName = model.Email, Email = model.Email};
var result = await UserManager.CreateAsync(user, model.Password);
**UserManager.AddToRole(user.Id, model.UserRole);**
现在,我在登录时检查登录操作结果,如下所示:
我看到aspnetusers和aspnetuseroles表有正确的数据
var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: false);
if (User.IsInRole(model.UserRole))
return RedirectToLocal(returnUrl);
但条件失败了。如何检查用户是否属于特定角色
我在Startup.cs ConfigureAuth方法中添加了以下行:
app.CreatePerOwinContext<ApplicationRoleManager>(ApplicationRoleManager.Create);
请试试这个
if (result == SignInStatus.Success)
{
var user = new ClaimsPrincipal(AuthenticationManager.AuthenticationResponseGrant.Identity);
if (user.IsInRole(model.UserRole))
{
return RedirectToLocal(returnUrl);
}
else
{
AuthenticationManager.AuthenticationResponseGrant = null;
model.Roles = GetRoles();
ModelState.AddModelError("", "You cannot login as " + model.UserRole);
return View(model);
}
}
ModelState.AddModelError("", "Invalid login attempt.");
return View(model);
问题是,用户
是根据您发送到浏览器的cookie创建的,但此时您尚未发送它们。请尝试此操作
if (result == SignInStatus.Success)
{
var user = new ClaimsPrincipal(AuthenticationManager.AuthenticationResponseGrant.Identity);
if (user.IsInRole(model.UserRole))
{
return RedirectToLocal(returnUrl);
}
else
{
AuthenticationManager.AuthenticationResponseGrant = null;
model.Roles = GetRoles();
ModelState.AddModelError("", "You cannot login as " + model.UserRole);
return View(model);
}
}
ModelState.AddModelError("", "Invalid login attempt.");
return View(model);
问题是,
User
是根据您发送到浏览器的cookies创建的,但此时您尚未发送它们。谢谢。这起作用了。只有一个问题。如果我选择了错误的角色,我会收到错误消息,之后当我再次尝试登录时,我会收到此消息“提供的防伪令牌是针对与当前用户不同的基于声明的用户的。”@user1125955问题是,当角色出错时,只需将AuthenticationManager.AuthenticationResponseGrant设置为null
,我添加了这一点,现在在第二次登录时它不会显示该错误。但它现在没有登录。请检查问题更新。@user1125955如果我理解正确,当所选角色错误时您需要拒绝登录是吗?@user1125955请添加结果检查,更新我的代码谢谢。这起作用了。只有一个问题。如果我选择了错误的角色,我会收到错误消息,之后当我再次尝试登录时,我会收到此消息“提供的防伪令牌是针对与当前用户不同的基于声明的用户的。”@user1125955问题是,当角色出错时,只需将AuthenticationManager.AuthenticationResponseGrant设置为null
,我添加了这一点,现在在第二次登录时它不会显示该错误。但它现在没有登录。请检查问题更新。@user1125955如果我理解正确,当所选角色错误时您需要拒绝登录是吗?@user1125955请添加结果检查,更新我的代码是否if(User.IsInRole(model.UserRole))
if(User.IsInRole(model.UserRole))if(User.IsInRole(model.UserRole))type在更新的代码部分?
var user = new ClaimsPrincipal(AuthenticationManager.AuthenticationResponseGrant.Identity);
if (User.IsInRole(model.UserRole))
return RedirectToLocal(returnUrl);
else
{
AuthenticationManager.AuthenticationResponseGrant = null;
model.Roles = GetRoles();
ModelState.AddModelError("", "You cannot login as " + model.UserRole);
return View(model);
}
if (result == SignInStatus.Success)
{
var user = new ClaimsPrincipal(AuthenticationManager.AuthenticationResponseGrant.Identity);
if (user.IsInRole(model.UserRole))
{
return RedirectToLocal(returnUrl);
}
else
{
AuthenticationManager.AuthenticationResponseGrant = null;
model.Roles = GetRoles();
ModelState.AddModelError("", "You cannot login as " + model.UserRole);
return View(model);
}
}
ModelState.AddModelError("", "Invalid login attempt.");
return View(model);