How to manage user roles and permission in a full stack application made up of Angular and .NET Core Web API

I am developing a full stack web application where the client part of the app uses Angular and the backend part is a .NET Core Web API. I am stuck on how I can get the user roles from the backend into the client app when the user logs in successfully. Since I am using JWT authentication, I am able to get the email address, which I added to the claims identity if the user exists in the database, as below:

    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(new Claim[]
        {
            new Claim(ClaimTypes.Email, obj.Email)
        })
        // remaining descriptor properties are not shown in the question
    };

From the client application I am getting this user email by decoding the token sent from the backend after a successful login, as:

In the TypeScript file:

    var tokenData = jwtHelper.decodeToken(token);

In the HTML template:

    {{ tokenData.email }}

Therefore, I don't know how I can add roles to the claims identity together with the email and obtain them from the token in the Angular app, where I can use them as user permissions to access components in the client application. Thank you in advance.

The easiest way is to add roles to your claims with a loop. This is a complete method for creating JWT tokens.

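    using System;
    using System.Collections.Generic;
    using System.IdentityModel.Tokens.Jwt;
    using System.Security.Claims;
    using System.Text;
    using Microsoft.IdentityModel.Tokens;

    // Method of a class that holds the app configuration in a field named _conf.
    public string GenarateToken(User user)
    {
        // Identity claims for the signed-in user
        var claims = new List<Claim>()
        {
            new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
            new Claim(ClaimTypes.Name, user.UserName),
        };

        // One role claim per role assigned to the user
        foreach (var role in user.Roles)
        {
            claims.Add(new Claim(ClaimTypes.Role, role.Name));
        }

        // Symmetric signing key read from configuration.
        // Use a random secret of at least 64 bytes for HMAC-SHA512.
        var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_conf.GetSection("AppSettings:secret").Value));

        var cred = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);

        var tokenDescriptor = new SecurityTokenDescriptor
        {
            Subject = new ClaimsIdentity(claims),
            // Token lifetime: one day, expressed in UTC
            Expires = DateTime.UtcNow.AddDays(1),
            SigningCredentials = cred
        };

        var tokenHandler = new JwtSecurityTokenHandler();

        var token = tokenHandler.CreateToken(tokenDescriptor);

        // Serialize to the compact header.payload.signature form sent to the client
        return tokenHandler.WriteToken(token);
    }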
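For the Angular side of the question, the sketch below (an added example, not code from the question or the answer) reads the role claims back out of such a token and normalises them, since a single role is serialized as a string and several roles as an array. The function names and the two sample tokens are constructed for illustration; in the app, `jwtHelper.decodeToken(token)` from the question can replace the small base64url decoder and its result can be passed to `rolesFromPayload`.

```typescript
// CreateToken(descriptor) writes ClaimTypes.Role under the short name "role";
// tokens built without that outbound mapping carry the full claim URI instead.
const ROLE_KEYS = ["role", "http://schemas.microsoft.com/ws/2008/06/identity/claims/role"];
const B64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

// Decode one base64url segment (JWT segments carry no padding) to UTF-8 text.
function b64urlToText(seg: string): string {
  const s = seg.replace(/-/g, "+").replace(/_/g, "/").replace(/=+$/, "");
  let acc = 0, bits = 0, pct = "";
  for (let i = 0; i < s.length; i++) {
    const v = B64.indexOf(s.charAt(i));
    if (v < 0) throw new Error("invalid base64url character");
    acc = ((acc << 6) | v) & 0xffff;
    if ((bits += 6) >= 8) {
      bits -= 8;
      pct += "%" + ("0" + ((acc >> bits) & 0xff).toString(16)).slice(-2);
    }
  }
  return decodeURIComponent(pct);
}

// Normalise the role claim: absent -> [], one role -> string, several -> array.
function rolesFromPayload(payload: Record<string, unknown>): string[] {
  for (const key of ROLE_KEYS) {
    const v = payload[key];
    if (typeof v === "string") return [v];
    if (Array.isArray(v)) return v.filter((r): r is string => typeof r === "string");
  }
  return [];
}

function rolesFromToken(token: string): string[] {
  const parts = token.split(".");
  if (parts.length !== 3) return [];
  try {
    return rolesFromPayload(JSON.parse(b64urlToText(parts[1])));
  } catch { return []; } // malformed token: treat as having no roles
}

// UI-only check, e.g. in a route guard. The signature is not verified here, so
// the API must still enforce roles itself, e.g. with [Authorize(Roles = "Admin")].
function hasAnyRole(token: string, allowed: string[]): boolean {
  return rolesFromToken(token).some(r => allowed.indexOf(r) >= 0);
}

// Constructed sample tokens; the third segment is a placeholder, not a real MAC.
const HDR = "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9";
const TWO_ROLES = HDR + ".eyJyb2xlIjpbIkFkbWluIiwiRWRpdG9yIl19.sig"; // {"role":["Admin","Editor"]}
const ONE_ROLE = HDR + ".eyJyb2xlIjoiRWRpdG9yIn0.sig"; // {"role":"Editor"}
```

Hiding a component with `hasAnyRole` only shapes what the user sees; anyone can edit the token copy held in the browser, so every protected endpoint has to check the role on the server.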
