发表新帖
发表新帖

Add role in ASP.NET Identity

前端 未结
关注
4 1846
傲寒
傲寒 2020-12-07 17:03

How can I add a Role in the new ASP.NET Identity system (1.0)? There is a UserStore class but no RoleStore class.

I can\'t find any documen

相关标签:
4条回答
  • 感情败类
    2020-12-07 17:07

    I used below snippets in one sample asp.net web page page_load for starting to grasp the way ASP Identity works 

       UserManager userManager = new UserManager();
    var roleStore = new RoleStore<IdentityRole>(new ApplicationDbContext());
    var roleManager = new RoleManager<IdentityRole>(roleStore);
    var applicationRoleAdministrator = new IdentityRole("superadmin");
    if (!roleManager.RoleExists(applicationRoleAdministrator.Name))
    {
        roleManager.Create(applicationRoleAdministrator);
    }
     ApplicationUser applicationUserAdministrator = userManager.FindByName(User.Identity.Name);

    if (!userManager.GetRoles(applicationUserAdministrator.Id).Contains("superadmin"))
    {
        Response.Redirect("~/account/login.aspx?ReturnUrl=" + Request.Url.AbsolutePath);
    }

    Of course below ApplicationDbContext is automatically generated with ASP.NET 4.5+ templates like below 

     public class ApplicationDbContext : IdentityDbContext<ApplicationUser>
    {
        public ApplicationDbContext()
            : base("DefaultConnection")
        {
        }
    }

    Also Create application Role Manager class too

    public class ApplicationRoleManager : RoleManager<IdentityRole>
{
    public ApplicationRoleManager(IRoleStore<IdentityRole, string> roleStore)
        : base(roleStore)
    {
    }

    public static ApplicationRoleManager Create(IdentityFactoryOptions<ApplicationRoleManager> options, IOwinContext context)
    {
        //return new ApplicationRoleManager(new RoleStore<IdentityRole>(context.Get<ApplicationDbContext>()));
        return new ApplicationRoleManager(new RoleStore<IdentityRole>(new ApplicationDbContext()));
    }
}

    also add below line in your startup.Auth.cs => ConfigureAuth(IAppBuilder app) method 

      app.CreatePerOwinContext<ApplicationRoleManager>(ApplicationRoleManager.Create);

    And then in your controller:

    private ApplicationRoleManager _roleManager;

public ApplicationRoleManager RoleManager
{
    get
    {
        return _roleManager ?? HttpContext.GetOwinContext().Get<ApplicationRoleManager>();
    }
    private set
    {
        _roleManager = value;
    }
}

    I am new to this Identity Stuff and I am not sure if it is necessary or I am doing it clean and right, but these steps worked for me

    0 讨论(0)
  • 日久生厌
    2020-12-07 17:11

    ASP.NET identity is claims aware with respect to roles. That really confused me because in the previous system you configured membership and role providers in web.config.

    The issue for me is that I have code like this:

    HttpContext.Current.User.IsInRole("some role")

    Fortunately, this logic still works. You can see the logic in the CreateAsync function in ClaimsIdentityFactory.cs which is in Microsoft.AspNet.Identity.Core. One of the arguments is UserManager. It asks it if it SupportsUserRole and if so then it calls GetRolesAsync and adds each role as a claim to the ClaimIdentity. There is no need to do this yourself.

    IsInRole uses claims as described here:

    http://msdn.microsoft.com/en-us/library/hh545448.aspx

    0 讨论(0)
  • 生来不讨喜
    2020-12-07 17:18 
    RoleManager = new RoleManager<IdentityRole>(
                  new RoleStore<IdentityRole>(new MyDbContext()));
var roleresult = RoleManager.Create(new IdentityRole(roleName));
    0 讨论(0)
  • 说谎
    2020-12-07 17:21

    Starting with the .NET Framework 4.5, Windows Identity Foundation (WIF) has been fully integrated into the .NET Framework.

    I would advice to examine the possibility, in my opinion the preferred, to implement Authorization through Claims (Expressing Roles as Claims).

    When the IsInRole() method is called, there is a check made to see if the current user has that role. In claims-aware applications, the role is expressed by a role claim type that should be available in the token.

    The role claim type is expressed using the following URI: "http://schemas.microsoft.com/ws/2008/06/identity/claims/role"

    So from the UserManager you can do something like this (without the RoleManager):

    var um = new UserManager();
um.AddClaimAsync(1, new Claim(ClaimTypes.Role, "administrator"));

    Claims can simplify and increase the performance of authentication and authorization processes. You can use the roles stored as claims to eliminate back-end queries every time authorization takes place.

    Using Claims you will not need the RoleStore anymore (at least for the equivalent authorization purposes...)

    0 讨论(0)
 看不清?
提交回复
热议问题