如何在asp.net core中添加多个身份和多个角色
[英]How to add multiple identity and multiple role in asp.net core
问题描述
I am new to asp.net core.
我是asp.net核心的新手。 So this might not be a good question.所以这可能不是一个好问题。
I have 3 classes: Admin , Doctor , Patient .我有 3 个班级: Admin , Doctor , Patient 。
I want all those users to be able to login and see their dashboard.我希望所有这些用户都能够登录并查看他们的仪表板。 All of them will have different level of access.所有这些都将具有不同级别的访问权限。
So I derived these classes from IdenetityUser like this:所以我从IdenetityUser派生了这些类,如下所示:
public class Admin : IdentityUser
{
}
public class Doctor : IdentityUser
{
public const int MaxAppointPerDay = 28;
public Gender Gender { get; set; }
}
public class Patient : IdentityUser
{
public DateTime DateOfBirth { get; set; }
public Gender Gender { get; set; }
}
I am just stuck after this.我只是被困在这之后。
When I tried to add multiple Identitiy by the method AddIdentity<TUser, TRole>() , it gave me error.当我尝试通过AddIdentity<TUser, TRole>()方法添加多个 Identitiy 时,它给了我错误。
What do I do next?我接下来该怎么做?
Most of the examples in the internet involves one IdentityUser and multiple IdentityRole .互联网上的大多数示例都涉及一个IdentityUser和多个IdentityRole 。 But since the user models are all different, I couldn't go that way.但由于用户模型都不同,我不能那样做。
Thank you.谢谢你。
2 个解决方案
解决方案1
3 已采纳 2020-10-19 05:23:19
You cannot repeatedly use AddIdentity to add an identity.您不能重复使用AddIdentity来添加身份。
ASP.NET Core provides a built-in method: AddIdentityCore<TUser> . ASP.NET Core 提供了一个内置方法: AddIdentityCore<TUser> 。
You can use it like this: services.AddIdentityCore<Admin>();您可以像这样使用它: services.AddIdentityCore<Admin>();
Edit:编辑:
Adding to Yinqiu's answer, for the future readers, if you use this AddIdentityCore method, the AspNetUsers table will merge all the properties of each IdentityUser . AddIdentityCore秋的回答,对于以后的读者,如果你使用这个AddIdentityCore方法, AspNetUsers表将合并每个IdentityUser所有属性。 Here is an example:下面是一个例子:
Let Teacher and Student are two IdentityUser and both of them have at least one distinct properties, like this:让Teacher和Student是两个IdentityUser并且他们都至少有一个不同的属性,如下所示:
public class Teacher : IdentityUser
{
public string Subject { get; set; }
}
public class Student : IdentityUser
{
public int Grade { get; set; }
}
Then I add both of their Identity in the startup.cs like this:然后我在startup.cs添加他们的标识,如下所示:
services.AddIdentityCore<Teacher>().AddEntityFrameworkStores<AppDbContext>();
services.AddIdentityCore<Student>().AddEntityFrameworkStores<AppDbContext>();
The AspNetUsers table will include both the Subject property and the Grade property. AspNetUsers表将包括Subject属性和Grade属性。 Here is the proof from migration class:这是迁移类的证明:
migrationBuilder.CreateTable(
name: "AspNetUsers",
columns: table => new
{
Id = table.Column<string>(nullable: false),
UserName = table.Column<string>(maxLength: 256, nullable: true),
NormalizedUserName = table.Column<string>(maxLength: 256, nullable: true),
Email = table.Column<string>(maxLength: 256, nullable: true),
NormalizedEmail = table.Column<string>(maxLength: 256, nullable: true),
EmailConfirmed = table.Column<bool>(nullable: false),
PasswordHash = table.Column<string>(nullable: true),
SecurityStamp = table.Column<string>(nullable: true),
ConcurrencyStamp = table.Column<string>(nullable: true),
PhoneNumber = table.Column<string>(nullable: true),
PhoneNumberConfirmed = table.Column<bool>(nullable: false),
TwoFactorEnabled = table.Column<bool>(nullable: false),
LockoutEnd = table.Column<DateTimeOffset>(nullable: true),
LockoutEnabled = table.Column<bool>(nullable: false),
AccessFailedCount = table.Column<int>(nullable: false),
Discriminator = table.Column<string>(nullable: false),
Grade = table.Column<int>(nullable: true),
Subject = table.Column<string>(nullable: true)
},
constraints: table =>
{
table.PrimaryKey("PK_AspNetUsers", x => x.Id);
});
Notice the last two properties are Grade and Subject .注意最后两个属性是Grade和Subject 。
It's similar to using a base class for all the IdentitiyUser which will derive from IdentityUser and include combination of all propeties and then just adding that one base class using AddIdentity<TUser, TRole> method.这类似于为所有IdentitiyUser使用一个基类,它将从IdentityUser派生并包含所有属性的组合,然后使用AddIdentity<TUser, TRole>方法添加一个基类。
解决方案2
0 2020-10-15 11:43:40
You can do it like has implemented in Active Directory, instead of creating a new table(entity) for each Access level group you can create only one where you will store Accees level groups Admin , Doctor , Patient , and so on.您可以像在 Active Directory 中实现的那样执行此操作,而不是为每个 Access 级别组创建一个新表(实体),您只需创建一个表(实体),您将在其中存储 Accees 级别组Admin , Doctor , Patient等。 And include IdenetityUser to any group ... Of course, each group should have some roles.并将IdenetityUser包含到任何组...当然,每个组都应该有一些角色。
For example - model:例如 - 型号:
public class BaseGuidIdTable
{
[Key]
public Guid Id { get; set; }
}
public class SecurityGroupRole: BaseGuidIdTable
{
public string Role { get; set; }
public string Description { get; set; }
}
public class SecurityRight: BaseGuidIdTable
{
public string Right { get; set; }
public string Description { get; set; }
}
public class SecurityGroupAccess: BaseGuidIdTable
{
public Guid GroupId { get; set; }
[ForeignKey(nameof(GroupId))]
public SecurityGroupRole GroupRole { get; set; }
public Guid RightId { get; set; }
[ForeignKey(nameof(RightId))]
public SecurityRight Right { get; set; }
}
Add some data :添加一些数据:
builder.Entity<SecurityGroupRole>().HasData(
new SecurityGroupRole
{
Id = new Guid(OwnerGuidTxt),
Role = "Doctor",
Description = "Doctor"
},
new SecurityGroupRole
{
Id = new Guid(AdminGuidTxt),
Role = "Admin",
Description = "Admin"
},
new SecurityGroupRole
{
Id = new Guid(UserGuidTxt),
Role = "Patient",
Description = "Patient"
}
);
builder.Entity<SecurityRight>().HasData(
new SecurityRight
{
Id = new Guid(AddDeleteNewUsers),
Right = "AddDeleteNewUsers",
Description = "Add or delete Users"
},
new SecurityRight
{
Id = new Guid(PasswordChangeYourself),
Right = "PasswordChangeYourself",
Description = "Can password change by yourself"
},
new SecurityRight
{
Id = new Guid(ViewAll),
Right = "ViewAll",
Description = "Can view all objects"
},
new SecurityRight
{
Id = new Guid(CanChangeTags),
Right = "CanChangeTags",
Description = "Can change tags"
}
);
new SecurityGroupAccess {Id = new Guid("DD4C2CC3-65E2-4DD1-A620-723B5ADB8758"), GroupId = ownerGroupGuid, RightId = new Guid(AddDeleteNewUsers) },
new SecurityGroupAccess { Id = new Guid("23CD8B4E-A572-4335-B1EF-2EF115E14947"), GroupId = ownerGroupGuid, RightId = new Guid(PasswordChangeYourself) },
new SecurityGroupAccess { Id = new Guid("6A6A3A41-1103-46BD-B482-AB59903172D9"), GroupId = ownerGroupGuid, RightId = new Guid(ViewAll) },
new SecurityGroupAccess { Id = new Guid("EB133F40-AB3B-4094-9AE7-EF6FD853F36B"), GroupId = ownerGroupGuid, RightId = new Guid(CanChangeTags) },
new SecurityGroupAccess { Id = new Guid("29EE3EDA-08ED-46F1-9EF7-79A2D4021E86"), GroupId = adminGroupGuid, RightId = new Guid(PasswordChangeYourself) },
new SecurityGroupAccess { Id = new Guid("59309220-F49B-4E30-B265-CB2ED71867B0"), GroupId = adminGroupGuid, RightId = new Guid(ViewAll) },
new SecurityGroupAccess { Id = new Guid("F2F3FDF3-1ABC-46FF-BB62-E19B3F48E0AC"), GroupId = adminGroupGuid, RightId = new Guid(CanChangeTags) },
new SecurityGroupAccess { Id = new Guid("7AC0F6A1-A585-40D6-B09B-DD6B86772935"), GroupId = userGroupGuid, RightId = new Guid(PasswordChangeYourself) }
So - in example we add 3 SecurityGroupRole Admin , Doctor , Patient , and give each some right's, Patient can change password for himself for example ( excuse me - this is from other project - so naming can looking wrong)所以 - 在示例中,我们添加 3 SecurityGroupRole Admin , Doctor , Patient ,并赋予每个权限,例如Patient可以为自己更改密码(对不起 - 这是来自其他项目 - 所以命名可能看起来错误)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.