[英]How to add multiple identity and multiple role in asp.net core
我是asp.net核心的新手。 所以这可能不是一个好问题。
我有 3 个班级: Admin
, Doctor
, Patient
。
我希望所有这些用户都能够登录并查看他们的仪表板。 所有这些都将具有不同级别的访问权限。
所以我从IdenetityUser
派生了这些类,如下所示:
public class Admin : IdentityUser
{
}
public class Doctor : IdentityUser
{
public const int MaxAppointPerDay = 28;
public Gender Gender { get; set; }
}
public class Patient : IdentityUser
{
public DateTime DateOfBirth { get; set; }
public Gender Gender { get; set; }
}
我只是被困在这之后。
当我尝试通过AddIdentity<TUser, TRole>()
方法添加多个 Identitiy 时,它给了我错误。
我接下来该怎么做?
互联网上的大多数示例都涉及一个IdentityUser
和多个IdentityRole
。 但由于用户模型都不同,我不能那样做。
谢谢你。
您不能重复使用AddIdentity
来添加身份。
ASP.NET Core 提供了一个内置方法: AddIdentityCore<TUser>
。
您可以像这样使用它: services.AddIdentityCore<Admin>();
编辑:
AddIdentityCore
秋的回答,对于以后的读者,如果你使用这个AddIdentityCore
方法, AspNetUsers
表将合并每个IdentityUser
所有属性。 下面是一个例子:
让Teacher
和Student
是两个IdentityUser
并且他们都至少有一个不同的属性,如下所示:
public class Teacher : IdentityUser
{
public string Subject { get; set; }
}
public class Student : IdentityUser
{
public int Grade { get; set; }
}
然后我在startup.cs
添加他们的标识,如下所示:
services.AddIdentityCore<Teacher>().AddEntityFrameworkStores<AppDbContext>();
services.AddIdentityCore<Student>().AddEntityFrameworkStores<AppDbContext>();
AspNetUsers表将包括Subject
属性和Grade
属性。 这是迁移类的证明:
migrationBuilder.CreateTable(
name: "AspNetUsers",
columns: table => new
{
Id = table.Column<string>(nullable: false),
UserName = table.Column<string>(maxLength: 256, nullable: true),
NormalizedUserName = table.Column<string>(maxLength: 256, nullable: true),
Email = table.Column<string>(maxLength: 256, nullable: true),
NormalizedEmail = table.Column<string>(maxLength: 256, nullable: true),
EmailConfirmed = table.Column<bool>(nullable: false),
PasswordHash = table.Column<string>(nullable: true),
SecurityStamp = table.Column<string>(nullable: true),
ConcurrencyStamp = table.Column<string>(nullable: true),
PhoneNumber = table.Column<string>(nullable: true),
PhoneNumberConfirmed = table.Column<bool>(nullable: false),
TwoFactorEnabled = table.Column<bool>(nullable: false),
LockoutEnd = table.Column<DateTimeOffset>(nullable: true),
LockoutEnabled = table.Column<bool>(nullable: false),
AccessFailedCount = table.Column<int>(nullable: false),
Discriminator = table.Column<string>(nullable: false),
Grade = table.Column<int>(nullable: true),
Subject = table.Column<string>(nullable: true)
},
constraints: table =>
{
table.PrimaryKey("PK_AspNetUsers", x => x.Id);
});
注意最后两个属性是Grade
和Subject
。
这类似于为所有IdentitiyUser
使用一个基类,它将从IdentityUser
派生并包含所有属性的组合,然后使用AddIdentity<TUser, TRole>
方法添加一个基类。
您可以像在 Active Directory 中实现的那样执行此操作,而不是为每个 Access 级别组创建一个新表(实体),您只需创建一个表(实体),您将在其中存储 Accees 级别组Admin , Doctor , Patient
等。 并将IdenetityUser
包含到任何组...当然,每个组都应该有一些角色。
例如 - 型号:
public class BaseGuidIdTable
{
[Key]
public Guid Id { get; set; }
}
public class SecurityGroupRole: BaseGuidIdTable
{
public string Role { get; set; }
public string Description { get; set; }
}
public class SecurityRight: BaseGuidIdTable
{
public string Right { get; set; }
public string Description { get; set; }
}
public class SecurityGroupAccess: BaseGuidIdTable
{
public Guid GroupId { get; set; }
[ForeignKey(nameof(GroupId))]
public SecurityGroupRole GroupRole { get; set; }
public Guid RightId { get; set; }
[ForeignKey(nameof(RightId))]
public SecurityRight Right { get; set; }
}
添加一些数据:
builder.Entity<SecurityGroupRole>().HasData(
new SecurityGroupRole
{
Id = new Guid(OwnerGuidTxt),
Role = "Doctor",
Description = "Doctor"
},
new SecurityGroupRole
{
Id = new Guid(AdminGuidTxt),
Role = "Admin",
Description = "Admin"
},
new SecurityGroupRole
{
Id = new Guid(UserGuidTxt),
Role = "Patient",
Description = "Patient"
}
);
builder.Entity<SecurityRight>().HasData(
new SecurityRight
{
Id = new Guid(AddDeleteNewUsers),
Right = "AddDeleteNewUsers",
Description = "Add or delete Users"
},
new SecurityRight
{
Id = new Guid(PasswordChangeYourself),
Right = "PasswordChangeYourself",
Description = "Can password change by yourself"
},
new SecurityRight
{
Id = new Guid(ViewAll),
Right = "ViewAll",
Description = "Can view all objects"
},
new SecurityRight
{
Id = new Guid(CanChangeTags),
Right = "CanChangeTags",
Description = "Can change tags"
}
);
new SecurityGroupAccess {Id = new Guid("DD4C2CC3-65E2-4DD1-A620-723B5ADB8758"), GroupId = ownerGroupGuid, RightId = new Guid(AddDeleteNewUsers) },
new SecurityGroupAccess { Id = new Guid("23CD8B4E-A572-4335-B1EF-2EF115E14947"), GroupId = ownerGroupGuid, RightId = new Guid(PasswordChangeYourself) },
new SecurityGroupAccess { Id = new Guid("6A6A3A41-1103-46BD-B482-AB59903172D9"), GroupId = ownerGroupGuid, RightId = new Guid(ViewAll) },
new SecurityGroupAccess { Id = new Guid("EB133F40-AB3B-4094-9AE7-EF6FD853F36B"), GroupId = ownerGroupGuid, RightId = new Guid(CanChangeTags) },
new SecurityGroupAccess { Id = new Guid("29EE3EDA-08ED-46F1-9EF7-79A2D4021E86"), GroupId = adminGroupGuid, RightId = new Guid(PasswordChangeYourself) },
new SecurityGroupAccess { Id = new Guid("59309220-F49B-4E30-B265-CB2ED71867B0"), GroupId = adminGroupGuid, RightId = new Guid(ViewAll) },
new SecurityGroupAccess { Id = new Guid("F2F3FDF3-1ABC-46FF-BB62-E19B3F48E0AC"), GroupId = adminGroupGuid, RightId = new Guid(CanChangeTags) },
new SecurityGroupAccess { Id = new Guid("7AC0F6A1-A585-40D6-B09B-DD6B86772935"), GroupId = userGroupGuid, RightId = new Guid(PasswordChangeYourself) }
所以 - 在示例中,我们添加 3 SecurityGroupRole Admin , Doctor , Patient
,并赋予每个权限,例如Patient
可以为自己更改密码(对不起 - 这是来自其他项目 - 所以命名可能看起来错误)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.