[英]Asp.net 5 MVC 6 Custom authentication
I spent two weeks searching for solution which allows me to make permission-based authentication. 我花了两个星期的时间寻找解决方案,使我可以进行基于权限的身份验证。 I have database schema like this 我有这样的数据库架构
User <- Role <--> Permissions
Users has only one role which is connected with permissions using many to many relationship 用户只有一个角色,该角色使用多对多关系与权限相关联
I already wrote my models for these entities. 我已经为这些实体编写了模型。
I start with Asp.Net Identity, but its default schema isn't designed for permission-based authentication. 我从Asp.Net Identity开始,但是它的默认架构不是为基于权限的身份验证而设计的。
I also tried to use Cookie Middleware but i can't override ClaimsPrincipal and use my model of user account 我也尝试使用Cookie中间件,但无法覆盖ClaimsPrincipal并使用我的用户帐户模型
The only thing I can do at the moment is writting from the beginning a simple authentication library that uses the session, but it's bad idea due to security issues 我目前唯一能做的就是从一开始就编写一个使用会话的简单身份验证库,但是由于安全性问题,这是一个坏主意
Documentation of new version of Asp.Net mvc isn't finished yet, but maybe someone know how to help me ? 新版本的Asp.Net mvc的文档尚未完成,但是也许有人知道如何帮助我? :/ :/
There are two options. 有两种选择。
You can leverage the cookie authentication system identity uses without having to roll your own, getting the signed validation for free. 您可以利用cookie身份验证系统身份使用,而不必自己动手,免费获得签名验证。 All you would need to do, at a minimum is implement login, logout and a forbidden page. 您所需要做的,至少是实现登录,注销和禁止页面。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.