[英]Add custom roles for blazor Server side with AzureAd
我有一個中間件,可以在登錄后使用AzureAd
向用戶添加自定義角色,它工作正常,但我有一個問題,例如在我登錄並且有人也在我之后登錄后,該用戶仍然具有與我相同的角色為我添加,我不明白為什么 blazor 即使在退出后也會為不同的用戶保存這個角色,這怎么會發生,我該如何以正確的方式做到這一點
這是中間件
public class RoleHandler
{
private readonly RequestDelegate _next;
private List<string> Roles { get; set; }
public RoleHandler(RequestDelegate Next)
{
_next = Next;
}
public async Task InvokeAsync(HttpContext context, IGenericHttpClient<Role> httpClient)
{
if (Roles == null || Roles.Count == 0)
{
Roles = await GetRole(context, httpClient);
}
else
{
foreach (var role in Roles)
{
//Add roles to this user, in this case user can be admin or developer ...
context.User.Identities.FirstOrDefault().AddClaim(new Claim(ClaimTypes.Role, role));
}
}
await _next(context);
}
public async Task<List<string>> GetRole(HttpContext context, IGenericHttpClient<Role> httpClient)
{
List<string> rolesList = new();
//Get role from api like [guid, admin]
var appUserRoles = await httpClient.GetJsonAsync("/api/roles/search?id=XXX");
//Get role from user as guid
var RolesString = context.User.Claims
.Select(c => c.Value).ToList();
foreach (var appRole in appUserRoles)
{
foreach (var role in RolesString)
{
if (appRole.RoleString == role)
{
rolesList.Add(appRole.Name);
}
}
}
return rolesList;
}
}
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.