ASP.NET Identity 使用简介
2024-04-24 16:14:42
1. 什么是 ASP.NET Identity
ASP.NET Identity 是微软推出,用于在ASP.NET应用中管理用户的组件。
The mainstay for user management in recent years has been ASP.NET Membership, which has suffered from design choices. The biggest limitation is that the schema used to store the data worked only with SQL Server and was difficult to extend without re-implementing a lot of provider classes. The schema itself was overly complex, which made it harder to implement changes than it should have been.
--Pro ASP.NET MVC 5 Platform
2. 如何配置ASP.NET Identity with MySQL
2.1 配置ASP.NET Identity
2.1.1 安装相应的组件包
Microsoft.AspNet.Identity.EntityFramework
Microsoft.AspNet.Identity.OWIN
Microsoft.Owin.Host.SystemWeb
2.1.2 自定义核心组件
$ User model
默认的user model是 IdentityUser(Microsoft.AspNet.Identity.EntityFramework)。这个类有12个内建的属性,如 Id、UserName、PasswordHash、Email等
一般,根据业务需求,我们需要其它额外的属性。我们可以创建一个继承自IdentityUser的自定义类,在这个自定义类中添加额外的属性。
using Microsoft.AspNet.Identity.EntityFramework
public class AppUser : IdentityUser {
// 在这里添加额外的属性
}
$ DB Context
一般我们需要改变Identity用到的数据库表的名称。默认的数据库表为:AspNetUsers、AspNetUserRoles、AspNetUserLogins、AspNetUserCliams、AspNetRoles。
using System.Data.Entity;
using Microsoft.Asp.Net.Identity.EntityFramework;
public class AppIdentityDbContext : IdentityDbContext<AppUser> {
public AppIdentityDbContext() : base("IdentityDb") { }
public AppIdentityDbContext(string connectionString)
: base(connectionString) {
}
protected override void OnModelCreating(DbModelBuilder modelBuilder {
base.OnModelCreating(modelBuilder);
modelBuilder.Entity<AppUser>().ToTable("user");
modelBuilder.Entity<IdentityRole>().ToTable("role");
modelBuilder.Entity<IdentityUserRole>().ToTable("userrole");
modelBuilder.Entity<IdentityUserClaim>().ToTable("userclaim");
modelBuilder.Entity<IdentituUserLogin>().ToTable("userlogin");
}
}
$ DB 初始化
如果你不熟悉Identity的数据库表的结构,可以通过代码让Identity自动创建。
如果你比较熟悉,那我推荐用专业的数据库管理工具来创建,如MySQL Workbench。
代码示例。一般初始化代码只需要执行一次,好好斟酌策略,防止数据被删。
using System.Data.Entity;
public class AppIdentityDbContext : IdentityDbContext<AppUser> {
...
static AppIdentityDbContext() {
Database.SetInitializer<AppIdentityDbContext>(new IdentityDbInit());
}
}
using System.Data.Entity;
using Microsoft.AspNet.Identity;
using Microsoft.AspNet.Identity.EntityFramework;
public class IdentityDbInit : DropCreateDatabaseAlways<AppIdentityDbContext> {
protectedd override void Seed(AppIdentityDbContext context) {
this.InitAdmin(context);
base.Seed(context);
}
public void InitAdmin(AppIdentityDbContext context) {
string adminName = "admin";
string adminPassword = "changeme";
string adminRoleName = "Administrators";
// 创建用户
UserManager<AppUser> userManager = new UserManager<AppUser>(
new UserStore<AppUser>(context));
var user = new AppUser { UserName = adminName };
userManager.Create(user, adminPassword);
// 创建角色
RoleManager<IdentityRole> roleManager = new RoleManager<IdentityRole>(
new RoleStore<IdentityRole>(context));
var adminRole = roleManager.Create(new IdentityRole(adminRoleName));
// 给用户赋予角色
userManager.AddToRole(user.Id, adminRoleName);
}
}
$ 配置
using Microsoft.AspNet.Identity;
using Microsoft.AspNet.Identity.EntityFramework;
using Microsoft.AspNet.Identity.Owin;
using Microsoft.Owin;
using Microsoft.Owin.Security.Cookies;
using Owin;
public class IdentityConfig {
public void Configuration(IAppBuilder app) {
app.CreatePerOwinContext<AppIdentityDbContext>(() => new AppIdentityDbContext());
app.CreatePerOwinContext<UserManager<AppUser>>(
(o, c) => new UserManager<AppUser>(new UserStore<AppUser>(
c.Get<AppIdentityDbContext>())));
app.CreatePerOwinContext<RoleManager<IdentityRole>>(
(o, c) => new RoleManager<IdentityRole>(new RoleStore<IdentityRole>(
c.Get<AppIdentityDbContext>())));
app.UseCookieAuthentication(new CookieAuthenticationOptions {
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login")
});
}
}
2.1.3 配置web.config
<configuration> <appSettings> <add key="owin:AppStartup" value="IdentityConfig" /> ... </appSettings> ... </configuration>
2.2 配置MySQL DB
2.2.1 安装相应的组件包
MySql.Data.Entity
2.2.2 配置web.config
<configuration> <configSections> <section name="entityFramework" type="System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework"> </configSections> <system.data> <DbProviderFactories> <remove invariant="MySql.Data.MySqlClient" /> <add name="MySQL Data Provider" invariant="MySql.Data.MySqlClient" description=".Net Framework Data Provider for MySQL" type="MySql.Data.MySqlClient.MySqlClientFactory, MySql.Data" /> </DbProviderFactories> </system.data> <connectionStrings> <add name="IdentityDb" connectionString="server=192.168.0.9;user id=tester;password=changeme;database=IdentityDb" providerName="MySql.Data.MySqlClient" /> </connectionStrings> <entityFramework> <providers> <provider invariantName="MySql.Data.MySqlClient" type="MySql.Data.MySqlClient.MySqlProviderServices, MySql.Data.Entity.EF6" /> </providers> </entityFramework> </configuration>
2.2.3 创建DB
方法一:创建一个没有表的空DB,通过代码让Identity自动创建表。(见上文)
方法二:创建一个带有所有Identity相关表的DB
$ User
CREATE TABLE `user` (
`Id` varchar(128) NOT NULL,
`Email` varchar(256) DEFAULT NULL,
`EmailConfirmed` tinyint(1) NOT NULL,
`PasswordHash` longtext,
`SecurityStamp` longtext,
`PhoneNumber` longtext,
`PhoneNumberConfirmed` tinyint(1) NOT NULL,
`TwoFactorEnabled` tinyint(1) NOT NULL,
`LockoutEndDateUtc` datetime DEFAULT NULL,
`LockoutEnabled` tinyint(1) NOT NULL,
`AccessFailedCount` int(11) NOT NULL,
`UserName` varchar(256) NOT NULL,
PRIMARY KEY (`Id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8$ Role
CREATE TABLE `role` ( `Id` varchar(128) NOT NULL, `Name` varchar(256) NOT NULL, PRIMARY KEY (`Id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8
$ UserRole
CREATE TABLE `userrole` (
`UserId` varchar(128) NOT NULL,
`RoleId` varchar(128) NOT NULL,
PRIMARY KEY (`UserId`,`RoleId`),
KEY `IdentityRole_Users` (`RoleId`),
CONSTRAINT `AppUser_Roles` FOREIGN KEY (`UserId`) REFERENCES `user` (`Id`)
ON DELETE CASCADE ON UPDATE NO ACTION,
CONSTRAINT `IdentityRole_Users` FOREIGN KEY (`RoleId`) REFERENCES `role` (`Id`)
ON DELETE CASCADE ON UPDATE NO ACTION
) ENGINE=InnoDB DEFAULT CHARSET=utf8$ UserClaim
CREATE TABLE `userclaim` (
`Id` int(11) NOT NULL AUTO_INCREMENT,
`UserId` varchar(128) NOT NULL,
`ClaimType` longtext,
`ClaimValue` longtext,
PRIMARY KEY (`Id`),
UNIQUE KEY `Id` (`Id`),
KEY `UserId` (`UserId`),
CONSTRAINT `AppUser_Claims` FOREIGN KEY (`UserId`) REFERENCES `user` (`Id`)
ON DELETE CASCADE ON UPDATE NO ACTION
) ENGINE=InnoDB DEFAULT CHARSET=utf8$ UserLogin
CREATE TABLE `userlogin` (
`LoginProvider` varchar(128) NOT NULL,
`ProviderKey` varchar(128) NOT NULL,
`UserId` varchar(128) NOT NULL,
PRIMARY KEY (`LoginProvider`,`ProviderKey`,`UserId`),
KEY `AppUser_Logins` (`UserId`),
CONSTRAINT `AppUser_Logins` FOREIGN KEY (`UserId`) REFERENCES `user` (`Id`)
ON DELETE CASCADE ON UPDATE NO ACTION
) ENGINE=InnoDB DEFAULT CHARSET=utf8
3. 如何使用ASP.NET Identity
3.1 认证(Authenticate)
using System.Security.Claims;
using System.Web;
using System.Web.Mvc;
using Microsoft.AspNet.Identity;
using Microsoft.AspNet.Identity.Owin;
public class AccountController : Controller {
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult Login(string name, string password, string returnUrl) {
var userManager = HttpContext.GetOwinContext()
.GetUserManager<UserManager<AppUser>>();
var authManager = HttpContext.GetOwinContext().Authentication;
var user = userManager.Find(name, password);
if (user == null) {
// Invalid name or password
}
else {
ClaimsIdentity identity = userManager.CreateIdentity(
user, DefaultAuthenticationTypes.ApplicationCookie);
authManager.SignOut();
authManager.SignIn(identity);
return Redirect(returnUrl);
}
return View();
}
}
3.2 用户操作
using System.Security.Principal;
using System.Web;
using Microsoft.AspNet.Identity;
using Microsoft.AspNet.Identity.Owin;
var userManager = HttpContext.Current.GetOwinContext()
.GetUserManager<UserManager<AppUser>>();
// 获取当前用户
IPrincipal principal = HttpContext.Current.User;
AppUser user = userManager.FindByName(principal.Identity.Name);
// 创建用户
var newUser = new AppUser { UserName = "Alice" };
varr password = "changeme";
userManager.Create(newUser, password);
// 删除用户
userManager.Delete(user);
// 修改用户信息
user.Email = "huangc126@126.com";
user.PasswordHash = userManager.PasswordHasher.HashPassword("secret");
3.3 角色管理
using System.Web;
using Microsoft.AspNet.Identity;
using Microsoft.AspNet.Identity.EntityFramework;
using Microsoft.AspNet.Identity.Owin;
var roleManager = HttpContext.Current.GetOwinContext()
.GetUserManager<RoleManager<IdentityRole>>();
// 创建角色
var newRole = new IdentityRole { Name = "Admin" };
roleManager.Create(newRole);
// 将角色授予用户
userManager.AddToRole(userId, role: "Admin");
// 移除用户的角色
userManager.RemoveFromRole(userId, role: "Admin");
// 删除角色
var role = roleManager.FindByName("Admin");
roleManager.Delete(role);
3.4 授权(Authorization)
3.4.1 基于角色的授权
using System.Web.Mv;
[Authorize(Roles = "Administrators")]
public class AdminController : Controller {
...
}
3.4.2 基于声明(Claim)的授权
using System.Security.Claims;
using System.Web;
using System.Web.Mvc;
[ClaimsAccess(Issuer = "RemoteClaims", ClaimType = ClaimTypes.PostalCode, Value = "123456")]
public ActionResult Action() {
...
}
public class ClaimsAccessAttribute : AuthorizeAttribute {
public string Issuer { get; set; }
public string ClaimType { get; set; }
public string Value { get; set; }
protected override bool AuthorizeCore(HttpContextBase context) {
return context.User.Identity.IsAuthenticated
&& context.User.Identity is ClaimsIdentity
&& ((ClaimnsIdentity)context.User.Identity).HasClaim(
c => c.Issuer == this.Issuer
&& c.Type == this.ClaimType
&& c.Value == this.Value);
}
}
4. 小结
ASP.NET Identity非常灵活,支持各种扩展,对中小型系统来说足够用了。虽然看上去有点麻烦,但即使是小系统,我也建议用Identity。因为自己去搞一套太麻烦,又容易出错。我们应该把更多的精力花在业务实现上,而不是去抠底层技术细节。
- 大小: 14.7 KB
- 大小: 5.5 KB
- 大小: 4.9 KB
- 大小: 6.6 KB
- 大小: 5.6 KB
- 大小: 24.6 KB
- 查看图片附件
ASP.NET Identity 使用简介相关推荐
- ASP.NET Identity简介及简单使用
ASP.NET Identity简介 Why Identity? ASP.NET Identity wasdesigned to solve site membership requirements. ...
- ASP.NET Identity简介
Why Identity? ASP.NET Identity wasdesigned to solve site membership requirements. Reference: http:// ...
- [转]Membership 到 .NET4.5 之 ASP.NET Identity
本文转自:http://www.cnblogs.com/jesse2013/p/membership-part3.html 我们前面已经讨论过了如何在一个网站中集成最基本的Membership功能,然 ...
- Asp.Net Identity 深度解析 之 注册登录的扩展
关于权限每个系统都有自己的解决方案,今天我们来讨论一下微软的权限框架Asp.Net Identity ,介绍如下 http://www.asp.net/identity 这里不在赘余. 很多人认为 ...
- asp.net identity的学习记录
# identity数据库 ## 创建空数据库 交给ef管理 ### 添加asp.net identity包 ``` Install-Package Microsoft.AspNet.Identity ...
- MVC5 - ASP.NET Identity登录原理 - Claims-based认证和OWIN
在Membership系列的最后一篇引入了ASP.NET Identity,看到大家对它还是挺感兴趣的,于是来一篇详解登录原理的文章.本文会涉及到Claims-based(基于声明)的认证,我们会详细 ...
- ASP.NET Core分布式项目实战(集成ASP.NETCore Identity)--学习笔记
任务24:集成ASP.NETCore Identity 之前在 Index 页面写了一个 strong 标签,需要加个判断再显示,不然为空没有错误的时候也会显示 @if (!ViewContext.M ...
- 全新的membership框架Asp.net Identity(1)——.Net membership的历史
在Asp.net上,微软的membershop框架经历了Asp.net membership到Asp.net simple membership,再到现在的Asp.net Identity. 每一次改 ...
- 在ASP.NET Identity 2.0中使用声明(Claims)实现用户组
目录 介绍 背景 使用代码 步骤1:数据库修改 步骤2:动作(Actions)储存 步骤3:分组控制动作 步骤4:授权验证"ClaimsAuthorizeAttribute" 第5 ...
最新文章
- Django-Ajax
- OpenYurt 入门 - 在树莓派上玩转 OpenYurt
- How is JerryMaster.view.xml being loaded in WebIDE local test environment
- 比赛一买香蕉问题---解题报告
- VC6中使用内存DC加载并显示JPG图片的注意事项
- html读取servlet,简单html与servlet交互(HTML利用servlet读取txt)
- 设计模式(一)--单一职责模式(衡量接口或类设计)
- 07-OSPF区域类型--NSSA区域/完全NSSA区域
- Springboot启动扩展点超详细总结,再也不怕面试官问了
- MyEclipse破解文件+破解说明
- android自定义TextView字体
- python nlpir_Python 中文分词 NLPIR 快速搭建
- ffmpeg实现各种视频特效
- 小米开源:站在巨人肩膀上的创新
- 淘宝京东拼多多自动查券找券返利机器人实现方法分享
- allure企业级定制报告
- 职工考勤管理信息系统数据库课设_公司员工考勤管理信息系统的设计与实现
- 一次失败的S32K模拟EEPROM经历
- 良品铺子天猫618爆卖300万个手撕面包,还用数据改造线下
- bat脚本中如何多次键盘输入并判断_bat教程[282] @