Asp.Net Core 2.0 多角色权限认证
生活随笔
收集整理的這篇文章主要介紹了
Asp.Net Core 2.0 多角色权限认证
小編覺得挺不錯的,現(xiàn)在分享給大家,幫大家做個(gè)參考.
在使用 WebForm 技術(shù)開發(fā)網(wǎng)站的時(shí)候,微軟就提供了 Form 身份認(rèn)證,這使得登錄認(rèn)證簡單了許多,不同于 WebForm 以及后來的 Asp.Net Mvc,Asp.Net Core 中的身份認(rèn)證與之前相比使用更加便捷,本文介紹 Asp.Net Core 2.0 多角色授權(quán)認(rèn)證,首先我們需要在 Startup.cs 中開啟授權(quán)認(rèn)證相關(guān)模塊(中間件),代碼如下:
services.AddAuthentication(options=>{options.DefaultChallengeScheme = CookieAuthenticationDefaults.AuthenticationScheme;options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;}) .AddCookie(options =>{options.LoginPath = "/Account/";options.Cookie.HttpOnly = true;}); services.AddTransient<HttpContextAccessor>();app.UseAuthentication();之后,我們在登錄模塊編寫多角色登錄邏輯代碼如下:
[HttpPost] public async Task<IActionResult> Login(string userCode, string userPassword, int userType = 0, string returnUrl = "") {if ((userCode.Trim().ToLower() == "admin" || userCode.Trim().ToLower() == "user") && userPassword.Trim().ToLower() == "123456"){var claimsIdentity = new ClaimsIdentity(CookieAuthenticationDefaults.AuthenticationScheme);claimsIdentity.AddClaim(new Claim(ClaimTypes.Sid, userCode));if (userType == RoleTypeEnum.UserType_Admin){claimsIdentity.AddClaim(new Claim(ClaimTypes.Role, RoleTypeEnum.Admin));}else{claimsIdentity.AddClaim(new Claim(ClaimTypes.Role, RoleTypeEnum.User));}var claimsPrincipal = new ClaimsPrincipal(claimsIdentity);await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, claimsPrincipal, new AuthenticationProperties{ExpiresUtc = DateTime.UtcNow.AddMinutes(20)});if (!string.IsNullOrEmpty(returnUrl)){return this.Redirect(returnUrl);}else{if (userType == RoleTypeEnum.UserType_Admin){return this.Redirect(Url.Action("Index", "Home", new { area = "Admin" }));}else{return this.Redirect(Url.Action("Index", "Home", new { area = "User" }));}}}else{return this.Content(string.Format("<script>alert('用戶名或者密碼錯誤');location.href='{0}'</script>", Url.Action("Index", "Account")), "text/html;charset=utf8");} }本例只提供管理和普通用戶兩種角色類別,可以根據(jù)情況自由添加,接著,我們就可以在相關(guān)授權(quán)模塊添加 Authorize 元屬性來進(jìn)行角色授權(quán),代碼如下:
// 管理員模塊 [Authorize(Roles = RoleTypeEnum.Authorize_Admin)] [Area("Admin")] public class BaseController : Controller {protected string userCode;public BaseController(IHttpContextAccessor contextAccessor){this.userCode = contextAccessor.HttpContext.User.FindFirst(ClaimTypes.Sid).Value;}protected void InitCookieViewData(){ViewData.Add("UserCode", this.userCode);} } // 用戶模塊 [Authorize(Roles = RoleTypeEnum.Authorize_User)] [Area("User")] public class BaseController : Controller {protected string userCode;public BaseController(IHttpContextAccessor contextAccessor){this.userCode = contextAccessor.HttpContext.User.FindFirst(ClaimTypes.Sid).Value;}protected void InitCookieViewData(){ViewData.Add("UserCode", this.userCode);} }到此,多角色授權(quán)認(rèn)證已經(jīng)結(jié)束,而且我們也獲得了登錄的角色信息,退出登錄的代碼如下:
public async Task<IActionResult> Logout() {await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);return this.Redirect(Url.Action("Index", "Account", new { area = "" })); }本文已提供案例下載地址。
原文地址:https://www.liziwu.net/topic/31.html
.NET社區(qū)新聞,深度好文,微信中搜索dotNET跨平臺或掃描二維碼關(guān)注
總結(jié)
以上是生活随笔為你收集整理的Asp.Net Core 2.0 多角色权限认证的全部內(nèi)容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: Hack for Cloud Begin
- 下一篇: asp.net core后台系统登录的快