C# 身份角色未添加到用户中
我想将JWT auth用于我的web api,将cookie auth用于Razor页面。 我对控制器使用策略授权。在myC# 身份角色未添加到用户中,c#,asp.net-core,asp.net-core-identity,C#,Asp.net Core,Asp.net Core Identity,我想将JWT auth用于我的web api,将cookie auth用于Razor页面。 我对控制器使用策略授权。在myStartup.cs中,通过此配置,我的Razor页面上的一切都可以正常工作: services.AddIdentity<User, Role>(opt =>{ opt.Password.RequireDigit = false; opt.Password.RequiredLength = 4;
Startup.cs中,通过此配置,我的Razor页面上的一切都可以正常工作:
services.AddIdentity<User, Role>(opt =>{
opt.Password.RequireDigit = false;
opt.Password.RequiredLength = 4;
opt.Password.RequireNonAlphanumeric = false;
opt.Password.RequireUppercase = false;
opt.Password.RequireLowercase = false;
})
.AddEntityFrameworkStores<DataContext>()
.AddRoleValidator<RoleValidator<Role>>()
.AddRoleManager<RoleManager<Role>>()
.AddSignInManager<SignInManager<User>>();
注意:您创建了一个全新的IdentityBuilder
,然后配置了新创建的IdentityBuilder
,而不是服务返回的。additionitycore()
:
IdentityBuilder builder = services.AddIdentityCore<User>(opt =>
{
opt.Password.RequireDigit = false;
opt.Password.RequiredLength = 4;
opt.Password.RequireNonAlphanumeric = false;
opt.Password.RequireUppercase = false;
opt.Password.RequireLowercase = false;
});
builder = new IdentityBuilder(builder.UserType, typeof(Role), builder.Services);
... configure the builder
演示:
谢谢。我的web api正在工作,但我得到了:InvalidOperationException:默认标识UI布局需要部分视图“\u LoginPartial”。我不想使用默认用户界面,我还设置了选项。LoginPath=“/Account/Login”;options.LogoutPath=“/Account/Logout”;options.AccessDeniedPath=“/Account/AccessDenied”;饼干options@KaviArshan请将services.AddDefaultIdentity
更改为services.AddIdentity()
:)@KaviArshan哦,我明白了。我没有告诉你configure
func:IdentityBuilder builder=services.AddIdentity(opt=>{opt.Password.RequireDigit=false;…..其他配置…})
我只是忘了在AddIdentity中添加角色谢谢,你救了我一天
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddDbContext<DataContext>(opt => opt.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));
services.ConfigureApplicationCookie(options =>
{
// Cookie settings
options.Cookie.HttpOnly = true;
options.ExpireTimeSpan = TimeSpan.FromDays(1);
options.LoginPath = "/Account/Login";
options.AccessDeniedPath = "/Account/AccessDenied";
options.SlidingExpiration = true;
options.Cookie.Name = Configuration.GetSection("AppSettings:AuthCookieName").Value;
});
// services.AddIdentity<User, Role>(opt =>{
// opt.Password.RequireDigit = false;
// opt.Password.RequiredLength = 4;
// opt.Password.RequireNonAlphanumeric = false;
// opt.Password.RequireUppercase = false;
// opt.Password.RequireLowercase = false;
// });
IdentityBuilder builder = services.AddIdentityCore<User>(opt =>
{
opt.Password.RequireDigit = false;
opt.Password.RequiredLength = 4;
opt.Password.RequireNonAlphanumeric = false;
opt.Password.RequireUppercase = false;
opt.Password.RequireLowercase = false;
});
builder = new IdentityBuilder(builder.UserType, typeof(Role), builder.Services);
builder.AddEntityFrameworkStores<DataContext>();
builder.AddRoleValidator<RoleValidator<Role>>();
builder.AddRoleManager<RoleManager<Role>>();
builder.AddSignInManager<SignInManager<User>>();
services.AddAuthorization(options =>{
options.AddPolicy("CorrectUserIdRequested", policy=>{
policy.AddRequirements(new CorrectUserIdRequestedRequirement());
});
options.AddPolicy("RequireAdminRole", policy => policy.RequireRole("admin"));
options.AddPolicy("RequireUserRole", policy => policy.RequireRole("admin","user"));
});
services.AddMvc(options => {
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
options.Filters.Add(new AuthorizeFilter(policy));
}).
SetCompatibilityVersion(CompatibilityVersion.Version_2_2)
.AddJsonOptions(opt =>
{
opt.SerializerSettings.ReferenceLoopHandling =
Newtonsoft.Json.ReferenceLoopHandling.Ignore;
});
// Authentication Scheme
services.AddAuthentication(IdentityConstants.ApplicationScheme)
.AddCookie(IdentityConstants.ApplicationScheme, options =>
{
//if url start with "/api" use jwt instead
options.ForwardDefaultSelector = httpContext => httpContext.Request.Path.StartsWithSegments("/api") ? JwtBearerDefaults.AuthenticationScheme : null;
})
.AddJwtBearer(o =>
{
o.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII
.GetBytes(Configuration.GetSection("AppSettings:Token").Value)),
ValidateIssuer = false,
ValidateAudience = false
};
});
Mapper.Reset();
services.AddCors();
services.AddAutoMapper(typeof(Startup));
//Injections
services.AddTransient<Seed>();
services.AddScoped<AuthService, AuthServicePasswordless>();
services.AddScoped<IUserRepository, UserRepository>();
services.AddScoped<INotificationService, SmsNotifyService>();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env, Seed seeder)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler(builder => {
builder.Run(async context => {
context.Response.StatusCode = (int)HttpStatusCode.InternalServerError;
var error = context.Features.Get<IExceptionHandlerFeature>();
if(error != null){
context.Response.AddApplicationError(error.Error.Message);
await context.Response.WriteAsync(error.Error.Message);
}
});
}); // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
// app.UseHsts();
}
// app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseCookiePolicy();
seeder.SeedUsers();
app.UseAuthentication();
app.UseMvc(routes =>
{
routes.MapRoute(
name: null,
template: "{area:exists}/{controller=Dashboard}/{action=Index}/{id?}");
routes.MapRoute(
name: "default",
template: "{controller=Home}/{action=Index}/{id?}");
});
}
}
//Controller
[Authorize(Policy = "RequireAdminRole")]
[Area("Admin")]
public class DashboardController : Controller
{
public IActionResult Index(){
return View();
}
}
IdentityBuilder builder = services.AddIdentityCore<User>(opt =>
{
opt.Password.RequireDigit = false;
opt.Password.RequiredLength = 4;
opt.Password.RequireNonAlphanumeric = false;
opt.Password.RequireUppercase = false;
opt.Password.RequireLowercase = false;
});
builder = new IdentityBuilder(builder.UserType, typeof(Role), builder.Services);
... configure the builder
builder = new IdentityBuilder(builder.UserType, typeof(IdentityRole), builder.Services);
IdentityBuilder builder = services.AddDefaultIdentity<User>(opt =>
{
...
})
.AddRoles<Role>()
.AddDefaultTokenProviders()
.AddEntityFrameworkStores<DataContext>()
;
builder = new IdentityBuilder(builder.UserType, typeof(Role), builder.Services);
builder.AddEntityFrameworkStores<DataContext>();
builder.AddRoleValidator<RoleValidator<Role>>();
builder.AddRoleManager<RoleManager<Role>>();
builder.AddSignInManager<SignInManager<User>>();
....
services.Configure<CookieAuthenticationOptions>(IdentityConstants.ApplicationScheme,opt=>{
//if url start with "/api" use jwt instead
opt.ForwardDefaultSelector = httpContext => httpContext.Request.Path.StartsWithSegments("/api") ? JwtBearerDefaults.AuthenticationScheme : null;
});
services.AddAuthentication(IdentityConstants.ApplicationScheme)
.AddCookie(IdentityConstants.ApplicationScheme, options =>
{
//if url start with "/api" use jwt instead
options.ForwardDefaultSelector = httpContext => httpContext.Request.Path.StartsWithSegments("/api") ? JwtBearerDefaults.AuthenticationScheme : null;
})
.AddJwtBearer(o =>
{
...
});