![](/img/trans.png)
[英]Troubleshooting ASP.NET Core Role-based Authorization with Windows Authentication
[英]Role-based authorization with ASP.NET Core 5.0
我無法定義我的管理員、公司、代理角色,因為
services.AddDefaultIdentity<IdentityUser>()
.AddRoles<IdentityRole>()
.AddEntityFrameworkStores<ApplicationDbContext>();
不工作或沒有定義,它給了我一個錯誤
Error CS1061 'IServiceCollection' does not contain a definition for 'AddDefaultIdentity' and no accessible extension method 'AddDefaultIdentity' accepting a first argument of type 'IServiceCollection' could be found (are you missing a using directive or an assembly reference?)
這是我的 ConfigureServices 方法:
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc();
services.AddControllersWithViews();
services.AddDbContext<TradeTurkDBContext>();
services.AddDefaultIdentity<IdentityUser>()
.AddRoles<IdentityRole>()
.AddEntityFrameworkStores<TradeTurkDBContext>();
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(x =>
{
...
});
services.AddMvc(config =>
{
...
});
}
這是我使用的庫
using BL.TradeTurk;
using DAL.TradeTurk;
using Entities.TradeTurk;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Identity;
using System.Security.Claims;
誰能告訴我我缺少哪一部分?
我查看了 Microsoft 源代碼中的AddRoles
部分,我的代碼和它們的源代碼沒有什么不同。
這是該頁面的 Microsoft 源代碼。
我在 .net5 中使用自定義身份進行了如下操作:
public class AppUser : IdentityUser
{
}
public class AppRole : IdentityRole
{
}
public class AppUserRole : IdentityUserRole<string>
{
public virtual AppUser User { get; set; }
public virtual AppRole Role { get; set; }
}
public class ApplicationDbContext : IdentityDbContext<AppUser, AppRole, string, IdentityUserClaim<string>, AppUserRole, IdentityUserLogin<string>, IdentityRoleClaim<string>, IdentityUserToken<string>>
{
public ApplicationDbContext(DbContextOptions<ApplicationDbContext> options) : base(options)
{
}
protected override void OnModelCreating(ModelBuilder builder)
{
base.OnModelCreating(builder);
}
}
services.AddDbContext<ApplicationDbContext>(options => //...);
services.AddIdentity<AppUser, AppRole>(options => options.SignIn.RequireConfirmedAccount = true)
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddDefaultUI()
.AddDefaultTokenProviders();
services.AddAuthorization(ops =>
{
ops.AddPolicy("RequireAdmins", policy => policy.RequireRole("Admins"));
});
services.AddRazorPages()
.AddRazorPagesOptions(ops =>
{
ops.Conventions.AuthorizeFolder("/", "RequireAdmins");
});
我認為問題在於管道中的身份驗證和授權的順序,身份驗證應始終放在授權之前。 在 Configure 方法中更改中間件順序,如下所示:-
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
app.UseDeveloperExceptionPage();
else
app.UseExceptionHandler("/Home/Error");
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller=Account}/{action=Login}/{id?}");
});
}
嘗試使用 services.AddIdentityCore().AddRoles();
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.