[英]How to add multiple identity and multiple role in asp.net core
I am new to asp.net core.我是asp.net核心的新手。 So this might not be a good question.
所以这可能不是一个好问题。
I have 3 classes: Admin
, Doctor
, Patient
.我有 3 个班级:
Admin
, Doctor
, Patient
。
I want all those users to be able to login and see their dashboard.我希望所有这些用户都能够登录并查看他们的仪表板。 All of them will have different level of access.
所有这些都将具有不同级别的访问权限。
So I derived these classes from IdenetityUser
like this:所以我从
IdenetityUser
派生了这些类,如下所示:
public class Admin : IdentityUser
{
}
public class Doctor : IdentityUser
{
public const int MaxAppointPerDay = 28;
public Gender Gender { get; set; }
}
public class Patient : IdentityUser
{
public DateTime DateOfBirth { get; set; }
public Gender Gender { get; set; }
}
I am just stuck after this.我只是被困在这之后。
When I tried to add multiple Identitiy by the method AddIdentity<TUser, TRole>()
, it gave me error.当我尝试通过
AddIdentity<TUser, TRole>()
方法添加多个 Identitiy 时,它给了我错误。
What do I do next?我接下来该怎么做?
Most of the examples in the internet involves one IdentityUser
and multiple IdentityRole
.互联网上的大多数示例都涉及一个
IdentityUser
和多个IdentityRole
。 But since the user models are all different, I couldn't go that way.但由于用户模型都不同,我不能那样做。
Thank you.谢谢你。
You cannot repeatedly use AddIdentity
to add an identity.您不能重复使用
AddIdentity
来添加身份。
ASP.NET Core provides a built-in method: AddIdentityCore<TUser>
. ASP.NET Core 提供了一个内置方法:
AddIdentityCore<TUser>
。
You can use it like this: services.AddIdentityCore<Admin>();
您可以像这样使用它:
services.AddIdentityCore<Admin>();
Edit:编辑:
Adding to Yinqiu's answer, for the future readers, if you use this AddIdentityCore
method, the AspNetUsers
table will merge all the properties of each IdentityUser
. AddIdentityCore
秋的回答,对于以后的读者,如果你使用这个AddIdentityCore
方法, AspNetUsers
表将合并每个IdentityUser
所有属性。 Here is an example:下面是一个例子:
Let Teacher
and Student
are two IdentityUser
and both of them have at least one distinct properties, like this:让
Teacher
和Student
是两个IdentityUser
并且他们都至少有一个不同的属性,如下所示:
public class Teacher : IdentityUser
{
public string Subject { get; set; }
}
public class Student : IdentityUser
{
public int Grade { get; set; }
}
Then I add both of their Identity in the startup.cs
like this:然后我在
startup.cs
添加他们的标识,如下所示:
services.AddIdentityCore<Teacher>().AddEntityFrameworkStores<AppDbContext>();
services.AddIdentityCore<Student>().AddEntityFrameworkStores<AppDbContext>();
The AspNetUsers table will include both the Subject
property and the Grade
property. AspNetUsers表将包括
Subject
属性和Grade
属性。 Here is the proof from migration class:这是迁移类的证明:
migrationBuilder.CreateTable(
name: "AspNetUsers",
columns: table => new
{
Id = table.Column<string>(nullable: false),
UserName = table.Column<string>(maxLength: 256, nullable: true),
NormalizedUserName = table.Column<string>(maxLength: 256, nullable: true),
Email = table.Column<string>(maxLength: 256, nullable: true),
NormalizedEmail = table.Column<string>(maxLength: 256, nullable: true),
EmailConfirmed = table.Column<bool>(nullable: false),
PasswordHash = table.Column<string>(nullable: true),
SecurityStamp = table.Column<string>(nullable: true),
ConcurrencyStamp = table.Column<string>(nullable: true),
PhoneNumber = table.Column<string>(nullable: true),
PhoneNumberConfirmed = table.Column<bool>(nullable: false),
TwoFactorEnabled = table.Column<bool>(nullable: false),
LockoutEnd = table.Column<DateTimeOffset>(nullable: true),
LockoutEnabled = table.Column<bool>(nullable: false),
AccessFailedCount = table.Column<int>(nullable: false),
Discriminator = table.Column<string>(nullable: false),
Grade = table.Column<int>(nullable: true),
Subject = table.Column<string>(nullable: true)
},
constraints: table =>
{
table.PrimaryKey("PK_AspNetUsers", x => x.Id);
});
Notice the last two properties are Grade
and Subject
.注意最后两个属性是
Grade
和Subject
。
It's similar to using a base class for all the IdentitiyUser
which will derive from IdentityUser
and include combination of all propeties and then just adding that one base class using AddIdentity<TUser, TRole>
method.这类似于为所有
IdentitiyUser
使用一个基类,它将从IdentityUser
派生并包含所有属性的组合,然后使用AddIdentity<TUser, TRole>
方法添加一个基类。
You can do it like has implemented in Active Directory, instead of creating a new table(entity) for each Access level group you can create only one where you will store Accees level groups Admin , Doctor , Patient
, and so on.您可以像在 Active Directory 中实现的那样执行此操作,而不是为每个 Access 级别组创建一个新表(实体),您只需创建一个表(实体),您将在其中存储 Accees 级别组
Admin , Doctor , Patient
等。 And include IdenetityUser
to any group ... Of course, each group should have some roles.并将
IdenetityUser
包含到任何组...当然,每个组都应该有一些角色。
For example - model:例如 - 型号:
public class BaseGuidIdTable
{
[Key]
public Guid Id { get; set; }
}
public class SecurityGroupRole: BaseGuidIdTable
{
public string Role { get; set; }
public string Description { get; set; }
}
public class SecurityRight: BaseGuidIdTable
{
public string Right { get; set; }
public string Description { get; set; }
}
public class SecurityGroupAccess: BaseGuidIdTable
{
public Guid GroupId { get; set; }
[ForeignKey(nameof(GroupId))]
public SecurityGroupRole GroupRole { get; set; }
public Guid RightId { get; set; }
[ForeignKey(nameof(RightId))]
public SecurityRight Right { get; set; }
}
Add some data :添加一些数据:
builder.Entity<SecurityGroupRole>().HasData(
new SecurityGroupRole
{
Id = new Guid(OwnerGuidTxt),
Role = "Doctor",
Description = "Doctor"
},
new SecurityGroupRole
{
Id = new Guid(AdminGuidTxt),
Role = "Admin",
Description = "Admin"
},
new SecurityGroupRole
{
Id = new Guid(UserGuidTxt),
Role = "Patient",
Description = "Patient"
}
);
builder.Entity<SecurityRight>().HasData(
new SecurityRight
{
Id = new Guid(AddDeleteNewUsers),
Right = "AddDeleteNewUsers",
Description = "Add or delete Users"
},
new SecurityRight
{
Id = new Guid(PasswordChangeYourself),
Right = "PasswordChangeYourself",
Description = "Can password change by yourself"
},
new SecurityRight
{
Id = new Guid(ViewAll),
Right = "ViewAll",
Description = "Can view all objects"
},
new SecurityRight
{
Id = new Guid(CanChangeTags),
Right = "CanChangeTags",
Description = "Can change tags"
}
);
new SecurityGroupAccess {Id = new Guid("DD4C2CC3-65E2-4DD1-A620-723B5ADB8758"), GroupId = ownerGroupGuid, RightId = new Guid(AddDeleteNewUsers) },
new SecurityGroupAccess { Id = new Guid("23CD8B4E-A572-4335-B1EF-2EF115E14947"), GroupId = ownerGroupGuid, RightId = new Guid(PasswordChangeYourself) },
new SecurityGroupAccess { Id = new Guid("6A6A3A41-1103-46BD-B482-AB59903172D9"), GroupId = ownerGroupGuid, RightId = new Guid(ViewAll) },
new SecurityGroupAccess { Id = new Guid("EB133F40-AB3B-4094-9AE7-EF6FD853F36B"), GroupId = ownerGroupGuid, RightId = new Guid(CanChangeTags) },
new SecurityGroupAccess { Id = new Guid("29EE3EDA-08ED-46F1-9EF7-79A2D4021E86"), GroupId = adminGroupGuid, RightId = new Guid(PasswordChangeYourself) },
new SecurityGroupAccess { Id = new Guid("59309220-F49B-4E30-B265-CB2ED71867B0"), GroupId = adminGroupGuid, RightId = new Guid(ViewAll) },
new SecurityGroupAccess { Id = new Guid("F2F3FDF3-1ABC-46FF-BB62-E19B3F48E0AC"), GroupId = adminGroupGuid, RightId = new Guid(CanChangeTags) },
new SecurityGroupAccess { Id = new Guid("7AC0F6A1-A585-40D6-B09B-DD6B86772935"), GroupId = userGroupGuid, RightId = new Guid(PasswordChangeYourself) }
So - in example we add 3 SecurityGroupRole Admin , Doctor , Patient
, and give each some right's, Patient
can change password for himself for example ( excuse me - this is from other project - so naming can looking wrong)所以 - 在示例中,我们添加 3 SecurityGroupRole
Admin , Doctor , Patient
,并赋予每个权限,例如Patient
可以为自己更改密码(对不起 - 这是来自其他项目 - 所以命名可能看起来错误)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.