stackoom
  简体   繁体   中英

Asp.Net Core 3.0 Authorization and Authentication

 原文  2020-01-23 00:58:20       c#/ authentication/ authorization/ identity/ principal

Question

Wherever I look on the internet, identity is used in the login process related to net.core. Nobody talks about logging in with our normal username and password. We are logging in but this time on checks We cannot use [Authorize(Roles="Admin")] or [Authorize] attribute. To use it, we need to login as follows.

signInManager.PasswordSignInAsync (model.email, model.password, true, true);

Look at this link but the result is the same https://docs.microsoft.com/tr-tr/aspnet/core/fundamentals/middleware/?view=aspnetcore-3.1#ord is

If it turns out to be a result here, we are trying for it. What do I need to do to use the above attributes for my own login without using Policy, signInManager.PasswordSignInAsync is doing this exactly what I have added to the message as below, but it did not happen anyway.

My Login Code https://rextester.com/YBJ16358

My Startup

https://rextester.com/VZODZ96615

1 answers

solution1
 1 ACCPTED  2020-01-23 21:11:44

I solved the problem as follows. if username and password true

var identity = new ClaimsIdentity(CookieAuthenticationDefaults.AuthenticationScheme, ClaimTypes.Name, ClaimTypes.Role);

            identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.UserName));
            identity.AddClaim(new Claim(ClaimTypes.Name, user.UserName));
            identity.AddClaim(new Claim(ClaimTypes.GivenName, user.Name));
            identity.AddClaim(new Claim(ClaimTypes.Surname, user.Surname));
            identity.AddClaim(new Claim(ClaimTypes.Email, user.Email));
            foreach (var role in _userManager.GetRolesAsync(user).Result)
            {
                identity.AddClaim(new Claim(ClaimTypes.Role, role));
            }
            ClaimsPrincipal principal = new ClaimsPrincipal(identity);
            AuthenticationProperties _authentication = new AuthenticationProperties
            {
                IsPersistent = true,
                ExpiresUtc = DateTimeOffset.UtcNow
            };
            await _HttpContextAccessor.HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, principal, new AuthenticationProperties { IsPersistent = true });

My Startup

 services.AddAuthentication(options =>
            {
                options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                options.DefaultChallengeScheme = CookieAuthenticationDefaults.AuthenticationScheme;
            })
            .AddCookie(config =>
            {
                config.Cookie.Name = "login";
                config.LoginPath = "/Account/Login";
                config.ExpireTimeSpan = TimeSpan.FromMinutes(5);
            });

and App

   app.UseAuthentication();
   app.UseAuthorization();

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question ASP.NET Core with optional authentication/authorization Authentication and Authorization in asp.net core ASP.Net Core 5.0 Authentication and Authorization ASP.Net Core 3.0 Windows Authentication with Custom Role Based Authorization ASP.NET Core 3.0 Role Based Authorization not working Disable authentication in Asp.Net Core 3.0 for development Active Directory Authentication by UPN in ASP.NET Core 3.0 ASP.NET Core authentication broken after upgrade to 3.0 Windows Authentication Asp.net core 2 database role authorization Identity Server 3 Authentication/Authorization, with ASP.NET CORE 1.0
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM