【发布时间】:2021-06-18 23:54:46
【问题描述】:
我有一组 API,我想对其进行一些身份验证。我已将授权和身份验证部分添加到项目中。我已经为数据库和应用程序用户添加了上下文。我可以创建用户并将他们登录,然后将 JWT 返回给调用者,并根据 JWT 验证用户。但是,我想创建某些具有提升权限的管理员用户。这是我作为用户创建用户的代码:
async Task<Response> ICreateUser.CreateUser(RegisterModel model)
{
var userExists = await userManager.FindByNameAsync(model.UserName);
if (userExists != null)
{
return new Response { Status = "error", Message = "User already exists" };
}
ApplicationUser user = new ApplicationUser()
{
Email = model.Email,
SecurityStamp = Guid.NewGuid().ToString(),
UserName = model.UserName
};
var result = await userManager.CreateAsync(user, model.Password);
if (!result.Succeeded)
{
return new Response { Status = "Error", Message = "Unable to create user" };
}
else
{
var adminRole = await roleManager.FindByNameAsync("admin");
if(!await userManager.IsInRoleAsync(user, adminRole.Name))
{
await userManager.AddToRoleAsync(user, adminRole.Name);
}
}
return new Response { Status = "Success", Message = "User Created" };
}
这将添加用户,甚至将他们添加到角色中。但是,当我列出声明时,我看到的只是 nameidentifier、jti、email、exp、iss 和 aud 值。这是我用来返回声明的代码:
public IActionResult Index()
{
var claims = User.Claims.Select(claim => new { claim.Type, claim.Value }).ToArray();
return Json(claims);
}
当我为管理员创建角色时,我使用了以下代码:
public async Task<IActionResult> Create([Required] string name)
{
var adminRole = await roleManager.FindByNameAsync(name);
if (adminRole == null)
{
adminRole = new IdentityRole(name);
await roleManager.CreateAsync(adminRole);
await roleManager.AddClaimAsync(adminRole, new Claim(ClaimTypes.Role, name));
return Ok("Role Created");
}
else
{
return StatusCode(StatusCodes.Status500InternalServerError, new Response { Status = "error", Message = "Role Not created" });
}
}
就像我说的,我可以创建用户,但我没有看到添加到用户的管理员声明,因此我无法通过角色进行身份验证。我错过了什么?
【问题讨论】:
标签: asp.net-web-api asp.net-authorization asp.net-authentication