servicestack" />
servicestack,Mysql,Authentication,Mysql 在使用my_aspnet_*表时,迁移到ServiceStack身份验证框架的最佳方法是什么
我还没有完全准备好将我的所有user/auth表从MySQL user/roles/profile provider格式更改为其他格式,但我正在从MVC转换为ServiceStack 是否有可以使用的预构建IUSerAuthResposition和/或CredentialAuthProvider,或者我是否需要构建一个来提供此映射 如果我需要构建一个,我假设在IUserAuthRepository级别实现是最干净的?是否有实现基本登录/注销和管理交换机用户模拟功能所需的最少方法集 我尝试实现一个定制的CredentialAuthProvider,这似乎很有效,但是我无法获得本地帖子来模拟使用合适的提供者。在寻找解决方案时,我意识到也许最好是实现存储库 编辑: 我当前对自定义身份验证提供程序的注册是:Mysql 在使用my_aspnet_*表时,迁移到ServiceStack身份验证框架的最佳方法是什么,mysql,authentication,
servicestack,Mysql,Authentication,
Plugins.Add(new AuthFeature(() => new AuthUserSession(), new IAuthProvider[]
{
container.Resolve<MySqlCredentialsAuthProvider>() //HTML Form post of UserName/Password credentials
}));
[RequiredRole(SystemRoles.Administrator)]
public object Any(ImpersonateUser request)
{
using (var service = base.ResolveService<AuthenticateService>()) //In Process
{
//lets us login without a password if we call it internally
var result = service.Post(new Authenticate
{
provider = AuthenticateService.CredentialsProvider,
UserName = request.Username,
//Password = "should-not-matter-since-we-are-posting-locally"
});
return result;
}
}
public class CustomCredentialsAuthProvider : CredentialsAuthProvider
{
public override bool TryAuthenticate(IServiceBase authService,
string userName, string password)
{
//Add here your custom auth logic (database calls etc)
//Return true if credentials are valid, otherwise false
}
public override IHttpResult OnAuthenticated(IServiceBase authService,
IAuthSession session, IAuthTokens tokens,
Dictionary<string, string> authInfo)
{
//Fill IAuthSession with data you want to retrieve in the app eg:
session.FirstName = "some_firstname_from_db";
//...
//Call base method to Save Session and fire Auth/Session callbacks:
return base.OnAuthenticated(authService, session, tokens, authInfo);
//Alternatively avoid built-in behavior and explicitly save session with
//authService.SaveSession(session, SessionExpiry);
//return null;
}
}
// Open DB Connection to RDBMS
using (var db = container.Resolve<IDbConnectionFactory>().Open())
{
//Example of fetching old Users out of a custom table (use your table instead)
var oldUsers = db.Select<OldUserInfo>();
// Clear existing UserAuth tables if you want to replay this import
//db.DeleteAll<UserAuthDetails>();
//db.DeleteAll<UserAuth>();
//Go through and create new User Accounts using Old User Info
foreach (var oldUser in oldUsers)
{
//Create New User Info from Old Info
var newUser = new UserAuth {
UserName = oldUser.UserName,
Email = oldUser.Email,
//...
};
//Create New User Account with oldUser Password
authRepo.CreateUserAuth(newUser, oldUser.Password);
}
}
在此之后,您将拥有来自旧用户信息的新用户帐户,您可以使用这些帐户登录 Mythz,这是我之前实现的自定义CredentialAuthProvider,但是在本地请求AuthenticateService进行管理员模拟时遇到问题。我正在执行的调用返回了无效的用户名或密码错误,但请求从未命中我的自定义提供程序。有什么想法?@JesseP在看不到你的注册码和电话号码的情况下无法说出。是否正在调用CredentialAuthProvider.IsAuthorized?有关该信息,请参阅原始问题的编辑。谢谢@JesseP无法从这里判断,我假设它是继承CredentialAuthProvider,并且您已将SkippPasswordVerificationForInProcessRequests设置为true?从IOC解析MySQlCredentialAuthProvider非常突出,因为它需要是单例的,所以应该只有单例/线程安全的DEP,所以我个人会手动将任何DEP注入构造函数中。除此之外,从这里看不到,将需要一个独立的重新调试本地,否则您可以尝试使用Perfect,我将采用覆盖AuthenticatePrivateQuest的方法。谢谢
// Open DB Connection to RDBMS
using (var db = container.Resolve<IDbConnectionFactory>().Open())
{
//Example of fetching old Users out of a custom table (use your table instead)
var oldUsers = db.Select<OldUserInfo>();
// Clear existing UserAuth tables if you want to replay this import
//db.DeleteAll<UserAuthDetails>();
//db.DeleteAll<UserAuth>();
//Go through and create new User Accounts using Old User Info
foreach (var oldUser in oldUsers)
{
//Create New User Info from Old Info
var newUser = new UserAuth {
UserName = oldUser.UserName,
Email = oldUser.Email,
//...
};
//Create New User Account with oldUser Password
authRepo.CreateUserAuth(newUser, oldUser.Password);
}
}