如何指定用户角色
[英]How to specify user roles
问题描述
I have a working login system, that required users to authenticate. 
我有一个正常的登录系统,要求用户进行身份验证。 The problem is I don't know how to connect the roles specified in the [Authorize] attribute to the roles specified in my database. 问题是我不知道如何将[Authorize]属性中指定的角色连接到数据库中指定的角色。
I hope someone can help me, because I don't really know where to start and can't find anything useful on the internet. 我希望有人能帮助我,因为我真的不知道从哪里开始,也找不到在互联网上有用的东西。
This is my accountcontroller: 这是我的帐户控制器:
public class AccountController : Controller
{
IAuthProvider authProvider;
public AccountController(IAuthProvider auth) {
authProvider = auth;
}
public ViewResult Login() {
return View();
}
[HttpPost]
public ActionResult Login(LoginViewModel model, string returnUrl) {
if (ModelState.IsValid) {
if (authProvider.Authenticate(model.Gebruikersnaam, model.Wachtwoord)) {
return Redirect(returnUrl ?? Url.Action("Index", "Admin"));
} else {
ModelState.AddModelError("", "Foute gebruikersnaam of wachtwoord");
return View();
}
} else {
return View();
}
}
}
I have my authorization set up like so: 我已经这样设置了我的授权:
[Authorize]
public class AdminController : Controller
{
[Authorize(Roles = "Admin")]
public ViewResult Index()
{
return View();
}
I made a custom AuthProvider: 我做了一个自定义的AuthProvider:
public class FormsAuthProvider : IAuthProvider
{
IUserRepository repository { get; set; }
public FormsAuthProvider(IUserRepository repo)
{
repository = repo;
}
public bool Authenticate(string username, string password)
{
bool result = false;
IEnumerable<User> users = repository.GetAllUsers();
if (users.Any(g => g.Username == username && g.Password == password)) {
result = true;
}
if (result) {
FormsAuthentication.SetAuthCookie(username, false);
}
return result;
}
}
This is my user class: 这是我的用户类:
public class User
{
[Key]
public string Username { get; set; }
public string Password { get; set; }
public string Role { get; set; }
}
1 个解决方案
解决方案1
1 已采纳 2014-03-24 01:40:51
If you are to use your custom tables for roles, you should implement a roles provider. 如果要将自定义表用于角色,则应实施角色提供程序。 You can do this by inheriting from abstract base class System.Web.Security.RoleProvider which lives in System.Web.ApplicationServices.dll . 您可以通过继承驻留在System.Web.ApplicationServices.dll中的抽象基类System.Web.Security.RoleProvider来实现。 Once you inherit from RoleProvider you may be intimidated by all the methods automatically created. 从RoleProvider继承后,您可能会被自动创建的所有方法所吓倒。 You will only have to provide implementations for methods you will be using (in your case I think it would be GetRolesForUser ). 您只需要提供将要使用的方法的实现(就您而言,我认为它将是GetRolesForUser )。
Once you implement the roles provider, register it with the framework using the web.config . 实施角色提供程序后,请使用web.config在框架中注册它。
Have a look at the following article if you are new to the whole membership provider pattern. 如果您是整个成员资格提供者模式的新手,请查看以下文章。 http://www.mattwrock.com/post/2009/10/14/implementing-custom-membership-provider-and-role-provider-for-authinticating-aspnet-mvc-applications.aspx http://www.mattwrock.com/post/2009/10/14/implementing-custom-membership-provider-and-role-provider-for-authinticating-aspnet-mvc-applications.aspx
Cheers 干杯
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.