ASP.net Identity 2.0退出另一个用户
[英]ASP.net Identity 2.0 Sign-out another user
问题描述
I'm using asp.net MVC and ASP.net Identity 2.0. 
我正在使用asp.net MVC和ASP.net Identity 2.0。
On my website Admin has option to ban user, and I would like when user is banned that he is automatically signed-out from website. 在我的网站上管理员可以选择禁止用户,我希望当用户被禁止他自动从网站注销时。
I know that I can sign-out current user by calling 我知道我可以通过电话退出当前用户
AuthenticationManager.SignOut();
But is it possible to sign-out another user ? 但是可以注销另一个用户吗? Or maybe shorter his session ? 或者可能缩短他的会话时间 Or anything ? 还是什么?
I know I could make global filter on controllers prohibiting banned users from access but that filter would be ran against each user so I'm not quiet satisfied with that solution. 我知道我可以对控制器进行全局过滤,禁止禁止用户访问但是过滤器会针对每个用户运行,所以我对这个解决方案并不满意。
2 个解决方案
解决方案1
17 2014-09-16 21:15:54
If you use the securitystampvalidator feature, when a user is banned just call: UpdateSecurityStamp(userId) to cause any existing login cookies to be invalid the next time they are checked. 如果使用securitystampvalidator功能,则在禁止用户时,只需调用: UpdateSecurityStamp(userId)以便在下次检查时使任何现有登录cookie无效。
解决方案2
15 已采纳 2014-09-17 09:52:34
You'll need to configure cookie invalidation in Auth.Config.cs: 您需要在Auth.Config.cs中配置cookie失效:
public void ConfigureAuth(IAppBuilder app)
{
// important to register UserManager creation delegate. Won't work without it
app.CreatePerOwinContext(UserManager.Create);
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
Provider = new CookieAuthenticationProvider
{
OnValidateIdentity = SecurityStampValidator
.OnValidateIdentity<UserManager, ApplicationUser, int>(
validateInterval: TimeSpan.FromMinutes(10),
regenerateIdentityCallback: (manager, user) => user.GenerateUserIdentityAsync(manager))
},
// other configurations
});
// other stuff
}
and then update security stamp as Hao Kung says when users are banned. 当用户被禁止时,郝公说,然后更新安全标记。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.