堆栈内存溢出
  简体   繁体   English

如何访问授权用户的自定义标签助手

[英]how to access authorized user a custom tag helper

 原文  2019-06-30 21:44:25       c#/ authentication/ asp.net-core/ asp.net-core-identity

问题描述

I'm trying to verify if the current authorized is in a specific role, using a custom tag helper. 我正在尝试使用自定义标签帮助程序来验证当前授权的用户是否具有特定角色。 I want to use UserManager.IsInRoleAsync() , but I need to pass in a User object. 我想使用UserManager.IsInRoleAsync() ,但是我需要传递一个User对象。

How can I access the current authorized user? 如何访问当前的授权用户? 

public override async Task ProcessAsync(TagHelperContext context, TagHelperOutput output)
{
    base.PreProcess(context, output);

    bool isInRole = _um.IsInRoleAsync(????, this.Roles); ;

    var policy = await AuthorizationPolicy.CombineAsync(_policy, new[] { this });
    var authResult = await _eva.AuthenticateAsync(policy, _http.HttpContext);
    var authorizeResult = await _eva.AuthorizeAsync(policy, authResult, _http.HttpContext, null);
}

2 个解决方案

解决方案1
 2  2019-06-30 22:01:53

Combine ViewContextAttribute , HttpContext.User and UserManager.GetUserAsync : 结合使用ViewContextAttributeHttpContext.UserUserManager.GetUserAsync 

[ViewContext]
public ViewContext ViewContext { get; set; }

public override async Task ProcessAsync(TagHelperContext context, TagHelperOutput output)
{
    // ...

    var claimsPrincipal = ViewContext.HttpContext.User;
    var identityUser = await _um.GetUserAsync(claimsPrincipal);

    if (identityUser == null)
    {
        // Either no user is signed in or there's no match for the user in Identity.
        // ...
    }

    bool isInRole = _um.IsInRoleAsync(identityUser, this.Roles);

    // ...
}

Here's a breakdown of what's happening: 这是正在发生的事情的分解:

  1. Using a property decorated with [ViewContext] , we can access the ViewContext and its HttpContext property. 使用装饰有[ViewContext]的属性,我们可以访问ViewContext及其HttpContext属性。
  2. Given a HttpContext , we can access its User property and pass that into a call to UserManager.GetUserAsync , which returns the IdentityUser (or custom type) used by the Identity implementation. 给定HttpContext ,我们可以访问其User属性,并将其传递给对UserManager.GetUserAsync的调用,该调用返回Identity实现使用的IdentityUser (或自定义类型)。
  3. We pass this identityUser value into UserManager.IsInRoleAsync . 我们将此identityUser值传递给UserManager.IsInRoleAsync

解决方案2
 0 已采纳  2019-06-30 22:17:52

I ended up rewriting some of the logic:: 我最终重写了一些逻辑: 

var foo = new AuthorizationPolicyBuilder()
            .RequireAuthenticatedUser();

    if (!this.Roles.IsNull())
    {
        foo.RequireRole(this.Roles.Split(","));
    }

    if (!this.AuthenticationSchemes.IsNull())
    {
        foo.AddAuthenticationSchemes(this.AuthenticationSchemes);
    }

    var policy = foo.Build();
    var authResult = await _eva.AuthenticateAsync(policy, _http.HttpContext);
    var authorizeResult = await _eva.AuthorizeAsync(policy, authResult, _http.HttpContext, null);

    if (!authorizeResult.Succeeded)
    {
        output.SuppressOutput();
    }

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何访问经过身份验证和授权的用户详细信息? - How to access the authenticated & authorized User details? 如何允许经过身份验证的用户或授权用户访问 controller 方法? - How to allow access to controller method for either authenticated user or authorized user? 自定义标签助手调试 - Custom Tag helper debugging 自定义标签助手不起作用 - Custom tag helper not working 如何创建包含其他标签助手的自定义标签助手 - How to create custom tag helper containing other tag helpers 从标签助手中,我如何访问不是标签助手属性的属性? - From within the tag helper, how can I access the attributes that are not properties of the tag helper? <Authorized>标记在自定义实现中无法识别 - <Authorized> tag not being recognized in custom implementation 自定义标签助手:如何在属性中使用复杂对象? - Custom tag helper: How do I use complex objects in attributes? 如何解决VS代码中的自定义标签助手问题? - How to fix custom tag helper problem in VS code? 如何为也在 javascript 代码中执行的剃刀创建自定义标签助手? - How to create a custom Tag Helper for razor performed also in javascript code?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM