[英]How do to authenticate a registered user using OWIN & Identity?
I have two projects, MVC web app and a web service. 我有两个项目,MVC Web应用程序和Web服务。 In the MVC web app I have a controller called 'Account'. 在MVC网络应用中,我有一个名为“帐户”的控制器。 In 'Account' there is an action called 'Login'. 在“帐户”中,有一个名为“登录”的操作。 The 'Login'action gets the Authentication Manager from the request. “登录”操作从请求中获取身份验证管理器。 The 'Login' action calls the web service to identify if the user exists. “登录”操作将调用Web服务以识别用户是否存在。 If the user exists, the web service will return 'ClaimsIdentity' for that specific user. 如果该用户存在,则Web服务将为该特定用户返回'ClaimsIdentity'。 The 'Login'action will then use the authentication manager and the claims identity to sign the user in. 然后,“登录”操作将使用身份验证管理器和声明身份来登录用户。
After this, the user is not signed/authenticated. 此后,不对用户进行签名/验证。 I know this because User.Identity.Name is blank and User.Identity.IsAuthenticated is false. 我知道这是因为User.Identity.Name为空白,而User.Identity.IsAuthenticated为false。 Need explanation of why this is happening and what I can do to solve the issue. 需要说明这种情况的发生原因以及我可以采取的解决措施。 There are no build-time or run-time errors. 没有构建时或运行时错误。 I need the web service to perform ALL calls to the database. 我需要Web服务来执行对数据库的所有调用。
Account.Login Code 帐户登录代码
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult LogIn(LoginModel model)
{
if (!ModelState.IsValid)
{
return View(model);
}
var authManager = GetAuthenticationManager();
var loginFeedback = _webService.Login(model);
if (loginFeedback.Success)
{
authManager.SignIn(loginFeedback.Identity);
return RedirectToAction("Index", "Home");
}
else
{
ModelState.AddModelError("", loginFeedback.FeedbackMessage);
return View(model);
}
}
GetAuthenticationManager GetAuthenticationManager
private IAuthenticationManager GetAuthenticationManager()
{
var context = Request.GetOwinContext();
return context.Authentication;
}
Web Service Login Web服务登录
public LoginFeedbackDto Login(LoginModel loginModel)
{
var userManager = GetUserManager();
var user = userManager.Find(loginModel.Email, loginModel.Password);
var dto = new LoginFeedbackDto();
string status = user.Status.ToLower();
if (status == "invalid")
{
dto.Success = false;
dto.FeedbackMessage = @"This account has not been activated.";
}
else if (status == "rejected")
{
dto.Success = false;
dto.FeedbackMessage = @"This account has been rejected.";
}
else if (status != "invalid" && status != "rejected" && status != "processed")
{
dto.Success = false;
dto.FeedbackMessage = @"We are unable to log you in due to a technical issue.";
}
else
{
dto.Success = true;
dto.Identity = userManager.CreateIdentity(user, DefaultAuthenticationTypes.ApplicationCookie);
}
userManager.Dispose();
return dto;
}
What is happening here is the identity you are creating is being 'lost' on the RedirectToAction. 这里发生的是您正在创建的身份在RedirectToAction上“丢失”。
You could make use of CookieMiddleware, which can create a cookie representing the current user. 您可以使用CookieMiddleware,它可以创建代表当前用户的cookie。
You will need an Owin startup class which will need code something like the following. 您将需要一个Owin启动类,该类将需要类似于以下代码。
Make sure 'SelfIssue' is the same AuthenticationType that your webservice sets the ClaimsIdentity.AuthenticationType to. 确保“ SelfIssue”与您的Web服务将ClaimsIdentity.AuthenticationType设置为相同的AuthenticationType。
public const string SelfIssue = "Self-Issue";
public void Configuration(IAppBuilder app)
{
app.SetDefaultSignInAsAuthenticationType(SelfIssue);
app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = SelfIssue });
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.