登录后,我应该在帐户控制器的哪个位置检查用户是否具有特定角色?
[英]Where exactly in the account controller should I check if a user is in a specific role after login?
问题描述
Hello I am trying to create a simple ban system where if you have the role "Banned" and you try to login it should log you out. 
您好,我正在尝试创建一个简单的禁令系统,如果您具有“禁令”角色并尝试登录,则应注销该系统。
The problem is I don't where exactly in the account controller to check if you in the "Banned" 问题是我没有在帐户控制器中的确切位置检查您是否处于“被禁”状态
// POST: /Account/Login
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
if (!ModelState.IsValid)
{
return View(model);
}
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, change to shouldLockout: true
var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: false);
switch (result)
{
case SignInStatus.Success:
if (User.IsInRole("Banned"))
{
FormsAuthentication.SignOut();
}
return RedirectToLocal(returnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.RequiresVerification:
return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Invalid login attempt.");
return View(model);
}
}
I tried putting it below 我试图把它放在下面
case SignInStatus.Success:
But it didn't work. 但这没有用。 I am very new to ASP.NET MVC and any help would be appreciated. 我是ASP.NET MVC的新手,任何帮助将不胜感激。
EDIT: Tried editing the SignInManager but it didnt have an effect 编辑:尝试编辑SignInManager,但没有效果
public virtual async Task<SignInStatus> PasswordSignInAsync(string userName, string password, bool isPersistent, bool shouldLockout)
{
if (this.UserManager == null)
return SignInStatus.Failure;
TUser user = await this.UserManager.FindByNameAsync(userName).WithCurrentCulture<TUser>();
if ((object)user == null)
return SignInStatus.Failure;
if (this.UserManager.IsInRole(user.Id, "Banned"))
{
return SignInStatus.Failure;
}
if (await this.UserManager.IsLockedOutAsync(user.Id).WithCurrentCulture<bool>())
return SignInStatus.LockedOut;
if (await this.UserManager.CheckPasswordAsync(user, password).WithCurrentCulture<bool>())
{
IdentityResult identityResult = await this.UserManager.ResetAccessFailedCountAsync(user.Id).WithCurrentCulture<IdentityResult>();
return await this.SignInOrTwoFactor(user, isPersistent).WithCurrentCulture<SignInStatus>();
}
if (shouldLockout)
{
IdentityResult identityResult = await this.UserManager.AccessFailedAsync(user.Id).WithCurrentCulture<IdentityResult>();
if (await this.UserManager.IsLockedOutAsync(user.Id).WithCurrentCulture<bool>())
return SignInStatus.LockedOut;
}
return SignInStatus.Failure;
}
1 个解决方案
解决方案1
0 2016-08-22 20:31:23
MVC doesn't really have an easy, built-in way to do what you're requesting. MVC实际上并没有一种简单的内置方法来完成您所请求的操作。 It has the AuthorizeAttribute class which you can use on a controller or an action method. 它具有AuthorizeAttribute类,您可以在控制器或操作方法上使用该类。 It allows you to specify either the users or roles that are allowed access, but it sounds like you want to do the opposite. 它允许你指定的任何用户或允许访问的角色,但它听起来就像你想要做的正好相反。
The problem with the code you've provided is that you would need to include it in every single action method and that would get ugly fast. 您提供的代码存在的问题是,您需要将其包含在每个单独的操作方法中,而这样做的速度很快。
If you really want to pursue this approach, and I'm not sure it's a good one, you could write your own FilterAttribute class. 如果您真的想采用这种方法,但我不确定它是否是一种好的方法,则可以编写自己的FilterAttribute类。
Hope this gets you started in the right direction. 希望这可以帮助您朝正确的方向开始。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.