堆栈内存溢出
  简体   繁体   English

在ASP.NET MVC中创建自己的授权认证系统

[英]Create my own authorization and authentication system in ASP.NET MVC

 原文  2020-06-01 13:37:18       c#/ asp.net/ asp.net-mvc/ entity-framework/ asp.net-identity

问题描述

I'm working on an ASP.NET project, and i want to create and use my own authorization and authentication system to manage users (in a sql server database) like login, check authorization, and check authentication, i know in ASP.NET we have Identity but I want to create my own system.我正在开发一个 ASP.NET 项目,我想创建和使用我自己的授权和身份验证系统来管理用户(在 sql 服务器数据库中),例如登录、检查授权和检查身份验证,我知道在 Z9E0DA8438E1E38A1C30F4B76CE7 我们有Identity但我想创建自己的系统。

so my question is do anyone have a good algorithm or a structure or just and idea for a custom system?所以我的问题是,有没有人有一个好的算法或结构或定制系统的想法?

Massive thanks in advance.提前致谢。

2 个解决方案

解决方案1
 1  2020-06-01 15:25:43

You can start from simple things, creating a model of User with ordinary fields Login , Password , and AuthController that will have two methods RegisterUser and SignIn .您可以从简单的事情开始,创建一个用户的 model 普通字段LoginPasswordAuthController ,将有两个方法RegisterUserSignIn

RegisterUser - here you have to check if Login already exists, if not - insert data to table Users . RegisterUser - 在这里您必须检查 Login 是否已经存在,如果不存在 - 将数据插入表Users Important thing - you have to choose algorithm to encrypt user password and save it in DB.重要的是 - 您必须选择算法来加密用户密码并将其保存在数据库中。

SignIn - method that will also check if user by Login and Password exists in DB (encrypt password from request by your algorithm and check if exists the same in Users table), if he is - you have to create a token and return it in response (to give an access to your portal). SignIn - 该方法还将通过登录名和密码检查用户是否存在于数据库中(通过您的算法从请求中加密密码并检查用户表中是否存在相同的密码),如果是 - 您必须创建一个令牌并返回它作为响应(授予对您的门户的访问权限)。

Actually we can attach to it validation to a models (see https://fluentvalidation.net/ ), restore password logic with email notification and so on.实际上,我们可以将验证附加到模型(参见https://fluentvalidation.net/ ),使用 email 通知恢复密码逻辑等。 A lot of examples with custom features of authorization and authentication you can find in the internet.您可以在 Internet 上找到许多具有自定义授权和身份验证功能的示例。 Just separate your functionality into parts and google it.只需将您的功能分成几部分并用谷歌搜索即可。

解决方案2
 1  2020-06-01 20:21:26

You could fork from Identity Server 4 and create your own implementation.您可以从 Identity Server 4 分叉并创建自己的实现。 They have a good base to build a solution from and has integration with many app types using OpenID and OAuth.他们有很好的基础来构建解决方案,并与许多使用 OpenID 和 OAuth 的应用程序类型集成。 https://identityserver4.readthedocs.io/en/latest/ https://identityserver4.readthedocs.io/en/latest/

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 ASP.NET MVC 4中的身份验证和授权 - Authentication and authorization in ASP.NET MVC 4 ASP.Net MVC要求授权和身份验证 - ASP.Net MVC claims authorization and authentication ASP.Net MVC 6身份验证和授权 - ASP.Net MVC 6 authentication and authorization ASP.NET MVC 4中的身份验证和角色授权 - Authentication and role authorization in ASP.NET MVC 4 Asp.Net MVC 6 Cookie身份验证 - 授权失败 - Asp.Net MVC 6 Cookie Authentication - Authorization fails ASP.NET MVC5中的自定义身份验证和授权? - Custom authentication and authorization in ASP.NET MVC5? 如何在Asp.net MVC 4应用程序中使用身份验证和授权? - How to use Authentication and Authorization in Asp.net MVC 4 application? ASP.NET 5 MVC 6中没有实体框架的身份验证和授权 - Authentication and Authorization without Entity Framework in ASP.NET 5 MVC 6 ASP.NET MVC 4:身份验证和授权:Intranet应用程序 - ASP.NET MVC 4 : Authentication and Authorization:Intranet Application ASP.NET MVC 4中的授权 - Authorization in ASP.NET MVC 4
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM