简体繁体 English

.net核心身份定制

[英].net core identity customization

原文 2020-01-05 21:56:42 6 2 c#/ asp.net/ asp.net-core/ asp.net-identity

Want to check to make sure I'm not barking up the wrong tree before I get too comited.想检查一下以确保在我太投入之前我没有吠错树。 I'm developing a web app using asp.net core for customer order entry and management and I'm a little stuck on how to handle the user authentication side of things.我正在开发一个使用 asp.net core 进行客户订单输入和管理的 Web 应用程序，但我对如何处理用户身份验证方面的问题有些困惑。 I've been looking at using Identity for this, but the examples I've found don't really seem to cover what I'm after.我一直在考虑为此使用 Identity，但是我发现的示例似乎并没有真正涵盖我所追求的内容。

The situation is this.情况是这样的。 I've got an top level organisation, which has many warehouses which has many users and many customers, And each customer also has many users (Different users to the warehouse).我有一个顶级组织，它有很多仓库，有很多用户和很多客户，每个客户也有很多用户（不同的用户到仓库）。

At the organisation level, when creating a new warehouse I want to create a Warehouse admin, this warehouse admin will be able to maintain customers, create warehouse users and view/edit/add all orders for the warehouse customers.在组织层面，在创建新仓库时我想创建一个仓库管理员，这个仓库管理员将能够维护客户、创建仓库用户和查看/编辑/添加仓库客户的所有订单。 Next when customers are added, they need to be assigned to a specifc customer.接下来，当添加客户时，需要将他们分配给特定的客户。 Users can view/maintain all orders for the assigned customer.用户可以查看/维护指定客户的所有订单。

I was thinking I could use Identity Roles to split the different types of users and preform different tasks and allow different actions etc. based on those roles but is it fesiable to use .net core Identity for this type if situation?我在想我可以使用身份角色来拆分不同类型的用户并执行不同的任务并允许基于这些角色的不同操作等，但是如果情况下，是否可以将 .net core Identity 用于这种类型？

2 个解决方案

Sounds like you're on the right track with authentication (checking if users are allowed to access the system).听起来您在身份验证方面走在正确的轨道上（检查是否允许用户访问系统）。 Now for your use case you might want to ensure you're reading up about Authorisation (what users can do after they are authenticated).现在对于您的用例，您可能希望确保您正在阅读授权（用户在通过身份验证后可以做什么）。 The official documentation follows an example of building a web app with user roles, which might the example you're looking for.官方文档遵循使用用户角色构建 Web 应用程序的示例，这可能是您正在寻找的示例。

Both flows are part of the same ASP.NET Core Security framework两个流都是同一个ASP.NET Core 安全框架的一部分

Yes, you can use .NET Core Identity for this.是的，您可以为此使用 .NET Core Identity。 We have a similar role-based setup with 3 roles in one of our projects.我们有一个类似的基于角色的设置，其中一个项目有 3 个角色。 Each user will be assigned a role (admin, customer or user).每个用户都将被分配一个角色（管理员、客户或用户）。 Make sure that each users has an assigned warehouse (eg, WarehouseId).确保每个用户都有一个分配的仓库（例如，WarehouseId）。

Based upon the role, you can filter users lists, eg, only showing users for customers of their own warehouse, but all users for the global admin.您可以根据角色过滤用户列表，例如只显示自己仓库的客户的用户，但全局管理员的所有用户。

You can restrict each controller method by role and filter the data by the WarehouseId of the logged in user.您可以按角色限制每个控制器方法，并按登录用户的 WarehouseId 过滤数据。