asp.net-web-api – 如何自定义认证我自己的表在asp.net web api 2？

发布时间：2020-05-23 11:01:32 所属栏目：asp.Net 来源：互联网

导读：在默认AccountController创建我看到 public AccountController() : this(Startup.UserManagerFactory(), Startup.OAuthOptions.AccessTokenFormat) { } 在Startup.Auth.cs我看到 UserManagerFactory = () =

在默认AccountController创建我看到

public AccountController()
        : this(Startup.UserManagerFactory(),Startup.OAuthOptions.AccessTokenFormat)
    {
    }

在Startup.Auth.cs我看到

UserManagerFactory = () => 
                new UserManager<IdentityUser>(new UserStore<IdentityUser>());

看起来像UserStore的实现来自Microsoft.AspNet.Identity.EntityFramework。

所以，要自定义认证，我必须实现我自己的版本的UserStore喜欢

class MYSTUFFUserStore<IdentityUser> : UserStore<IdentityUser>
 {
 }

并覆盖方法，然后在Startup.Auth.cs中执行此操作

UserManagerFactory = () => 
               new UserManager<IdentityUser>(new MYSTUFFUserStore<IdentityUser>());

我正在寻找一种正确的方式来自定义身份验证。

解决方法

假设您的表称为AppUser，将您自己的AppUser域对象转换为IUser(使用Microsoft.AspNet.Identity)，如下所示

using Microsoft.AspNet.Identity;
public class AppUser : IUser
{
    //Existing database fields
    public long AppUserId { get; set; }
    public string AppUserName { get; set; }
    public string AppPassword { get; set; }

    public AppUser()
    {
        this.Id = Guid.NewGuid().ToString();  
    }

    [Ignore]
    public virtual string Id { get; set; }         
    [Ignore]
    public string UserName
    {
        get
        {
            return AppUserName;
        }
        set
        {
            AppUserName = value;
        }
    }
}

像这样实现UserStore对象

using Microsoft.AspNet.Identity;
public class UserStoreService 
         : IUserStore<AppUser>,IUserPasswordStore<AppUser>
{
    CompanyDbContext context = new CompanyDbContext();

    public Task CreateAsync(AppUser user)
    {            
        throw new NotImplementedException();
    }

    public Task DeleteAsync(AppUser user)
    {
        throw new NotImplementedException();
    }

    public Task<AppUser> FindByIdAsync(string userId)
    {
        throw new NotImplementedException();
    }

    public Task<AppUser> FindByNameAsync(string userName)
    {
        Task<AppUser> task = context.AppUsers.Where(
                              apu => apu.AppUserName == userName)
                              .FirstOrDefaultAsync();

        return task;
    }

    public Task UpdateAsync(AppUser user)
    {
        throw new NotImplementedException();
    }

    public void Dispose()
    {
        context.Dispose();
    }

    public Task<string> GetPasswordHashAsync(AppUser user)
    {
        if (user == null)
        {
            throw new ArgumentNullException("user");
        }

        return Task.FromResult(user.AppPassword);
    }

    public Task<bool> HasPasswordAsync(AppUser user)
    {
        return Task.FromResult(user.AppPassword != null);
    }

    public Task SetPasswordHashAsync(AppUser user,string passwordHash)
    {
        throw new NotImplementedException();
    }

}

如果你有自己的自定义密码哈希，你还需要实现IPasswordHasher。下面是一个没有哈希密码的例子(哦不！

using Microsoft.AspNet.Identity;
public class MyPasswordHasher : IPasswordHasher
{
    public string HashPassword(string password)
    {
        return password;
    }

    public PasswordVerificationResult VerifyHashedPassword
                  (string hashedPassword,string providedPassword)
    {
        if (hashedPassword == HashPassword(providedPassword))
            return PasswordVerificationResult.Success;
        else
            return PasswordVerificationResult.Failed;
    }
}

在Startup.Auth.cs中替换

UserManagerFactory = () => 
     new UserManager<IdentityUser>(new UserStore<IdentityUser>());

与

UserManagerFactory = () => 
     new UserManager<AppUser>(new UserStoreService()) { PasswordHasher = new MyPasswordHasher() };

在ApplicationOAuthProvider.cs中，将IdentityUser替换为AppUser

在AccountController.cs中，将IdentityUser替换为AppUser，并删除所有外部验证方法，如GetManageInfo和RegisterExternal等。

（编辑：安卓应用网）

【声明】本站内容均来自网络，其相关言论仅代表作者个人观点，不代表本站立场。若无意侵犯到您的权利，请及时与联系站长删除相关内容!