I’m having difficulty implementing Claims to handle user authorization in my project. I’ve read a lot but I can’t get it to work. I’m using NHibernate.AspNet.Identity in the project; maybe that is why I can’t get it to run the way the forums and tutorials I read describe, but I’m not sure.
Example of how I tried to create:
```csharp
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    ApplicationUser signedUser = _userManager.FindByEmail(model.Email);
    if (signedUser == null)
    {
        // Unknown e-mail: same response as a wrong password.
        ModelState.AddModelError("", "Login ou Senha incorretos.");
        return View(model);
    }

    var result = await _signInManager.PasswordSignInAsync(signedUser.UserName, model.Password, model.RememberMe, shouldLockout: false);

    // This identity is built after the sign-in call and is never handed to it.
    var identity = new ClaimsIdentity(new[] {
        new Claim(ClaimTypes.Name, model.Email),
    }, DefaultAuthenticationTypes.ApplicationCookie, ClaimTypes.Name, ClaimTypes.Role);

    identity.AddClaim(new Claim(ClaimTypes.Role, "Adm"));
    identity.AddClaim(new Claim(ClaimTypes.GivenName, "Teste"));
    identity.AddClaim(new Claim(ClaimTypes.Sid, signedUser.userID));

    switch (result)
    {
        case SignInStatus.Success:
            return RedirectToLocal(returnUrl);
        case SignInStatus.LockedOut:
            return View("Lockout");
        case SignInStatus.RequiresVerification:
            return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
        case SignInStatus.Failure:
        default:
            ModelState.AddModelError("", "Login ou Senha incorretos.");
            return View(model);
    }
}
```
Example of how I’m trying to verify:
- I created a table to save the Claims and UserClaims. Now I would like to know how to log in and load these Claims without needing to query the database?
- How do I validate Claims in my methods?
- Is there a more effective way to authenticate the user without using Claims or Roles (which, from what I researched, are already outdated)?
Thank you for your attention!
You explained it very well. I was able to follow your explanation in my project. As you said, ApplicationUser here is the class with the GenerateUserIdentityAsync() method. Now when I look up the Claims, as in the image I posted before where nothing was loaded, it returns this: [image] Could you also tell me how I remove a Claim from that list?
– Eluander J. F. Lopes
@Eluanderj.F.Lopes in this case, normally you assemble your Claims within the method I indicated, and should no longer add or remove them, but there are situations where this is inevitable. Can you share in what situation you intend to remove a Claim from the user? Ideally you would do this type of check in that same method, and then decide whether or not to add a particular Claim.
– Alisson
Like if I remove the access of a particular user from the database. But I managed to get around the situation. Thanks for the help!
– Eluander J. F. Lopes
@Eluanderj.F.Lopes understood, and it's good that you managed to get around it. I usually create a filter to be executed at each request, where I check if a user must be "revalidated"; if so, I do the user’s SignOut. For that, I create a `Dictionary<string, bool>` where the key is the user id and the value is a `bool` indicating whether or not to revalidate. In the methods that change user roles, or in the method to remove access, I change this value to true for that user. If he is logged in, at his next request the filter will perform SignOut. That’s how I do it.
– Alisson
@Eluanderj.F.Lopes this dictionary is static and I usually leave it in some Helper class; being static, I guarantee that it will be available from one request to the next.
– Alisson
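
The revalidation filter described in the comments above could look like the following in ASP.NET MVC 5 with OWIN cookie authentication. This is an added example, not code from the thread; `RevalidationRegistry` and `RevalidateUserFilter` are hypothetical names, and it uses a `ConcurrentDictionary` instead of a plain `Dictionary` because requests are served in parallel.

```csharp
using System.Collections.Concurrent;
using System.Web;
using System.Web.Mvc;
using Microsoft.AspNet.Identity;

// Hypothetical helper: ids of users whose current cookie must be discarded.
public static class RevalidationRegistry
{
    // In-memory only: cleared when the app pool recycles and not shared
    // between servers, so a web farm needs a shared store instead.
    private static readonly ConcurrentDictionary<string, bool> Pending =
        new ConcurrentDictionary<string, bool>();

    // Call from the code that changes a user's roles/claims or removes access.
    public static void Flag(string userId) { Pending[userId] = true; }

    // Returns true if the user was flagged, and clears the flag.
    public static bool Consume(string userId)
    {
        bool flagged;
        return Pending.TryRemove(userId, out flagged) && flagged;
    }
}

// Register once, e.g. GlobalFilters.Filters.Add(new RevalidateUserFilter());
public class RevalidateUserFilter : ActionFilterAttribute
{
    public override void OnActionExecuting(ActionExecutingContext filterContext)
    {
        var user = filterContext.HttpContext.User;
        if (user == null || !user.Identity.IsAuthenticated) return;

        var userId = user.Identity.GetUserId();
        if (userId == null || !RevalidationRegistry.Consume(userId)) return;

        // Drop the cookie that still carries the stale claims.
        filterContext.HttpContext.GetOwinContext().Authentication
            .SignOut(DefaultAuthenticationTypes.ApplicationCookie);

        // Short-circuit the action; the next sign-in rebuilds the claims.
        filterContext.Result = new HttpUnauthorizedResult();
    }
}
```

Because the flag is cleared on first use, only the first session of that user to make a request is signed out; a user logged in from several browsers keeps the other cookies until they expire.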