Using OnValidateIdentity to perform additional validation on cookie data
On Brock Allen's blog, he says:
the CookieAuthenticationOptions class has a Provider property ... and
it has properties which are delegates you can subscribe to. This
allows you to validate the cookie as it comes into the application
(OnValidateIdentity). In this callback you can reject or replace the
identity.
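I'm new to OWIN and C#, so I'm struggling to adapt the many OnValidateIdentity
examples I've found online to fit my needs. After the cookie has been accepted as valid on each 'private' web page, I want to check the following:
- The cookie contains at least one claim
- The CustomerId claim value is greater than zero
I can implement these two checks in an ordinary method, but I don't know how to hook the login into OnValidateIdentity.
Here is what I have so far:
I wrote some code, but I can't figure out what the method used needs to return.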
public void Configuration(IAppBuilder app)
{
    dynamic cookieExpirationPeriod = TimeSpan.FromMinutes(60);
    CookieAuthenticationProvider prov = new CookieAuthenticationProvider();
    prov.OnValidateIdentity = ctx =>
    {
        MyClaimsIdentityObject si = MyApp.Identity.Current();
        if (si == null || si.UserId == 0 || si.CustomerId == 0) {
            ctx.RejectIdentity();
            // what needs to happen here for a return value?
        }
    };
    CookieAuthenticationOptions coa = new CookieAuthenticationOptions {
        AuthenticationMode = AuthenticationMode.Active,
        CookieName = "MyApp",
        ExpireTimeSpan = cookieExpirationPeriod,
        SlidingExpiration = true,
        AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
        LoginPath = new PathString("/login.aspx"),
        CookieHttpOnly = true,
        Provider = prov
    };
    if (HttpContext.Current.Request.IsLocal) {
        coa.CookieSecure = CookieSecureOption.Never;
    } else {
        coa.CookieSecure = CookieSecureOption.Always;
    }
    app.UseCookieAuthentication(coa);
}
I think it's just:
return Task.FromResult<int>(0);
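Added example, not part of the original question or answer: a provider that runs the two checks from the question against the identity carried by the cookie (ctx.Identity) and returns a completed Task on every path. The class name CookieValidation and the claim type "CustomerId" are assumptions made for illustration.

```csharp
using System.Globalization;
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.Owin.Security.Cookies;

public static class CookieValidation   // hypothetical helper class
{
    // Assumption: the customer id is stored in a claim of this type.
    private const string CustomerIdClaimType = "CustomerId";

    // True only if the identity has at least one claim and a CustomerId
    // claim whose value parses as an integer greater than zero.
    public static bool IsAcceptable(ClaimsIdentity identity)
    {
        if (identity == null || !identity.Claims.Any())
            return false;

        Claim claim = identity.FindFirst(CustomerIdClaimType);
        int customerId;
        return claim != null
            && int.TryParse(claim.Value, NumberStyles.None,
                            CultureInfo.InvariantCulture, out customerId)
            && customerId > 0;
    }

    public static CookieAuthenticationProvider CreateProvider()
    {
        return new CookieAuthenticationProvider
        {
            // OnValidateIdentity is a Func<CookieValidateIdentityContext, Task>,
            // so the lambda must return a Task whether or not it rejects.
            OnValidateIdentity = ctx =>
            {
                if (!IsAcceptable(ctx.Identity))
                {
                    // Treat the request as unauthenticated...
                    ctx.RejectIdentity();
                    // ...and clear the cookie so it is not sent again.
                    ctx.OwinContext.Authentication.SignOut(
                        ctx.Options.AuthenticationType);
                }
                return Task.FromResult(0);
            }
        };
    }
}
```

Assign the result with Provider = CookieValidation.CreateProvider() in the CookieAuthenticationOptions initializer. Reading claims from ctx.Identity validates the cookie being processed rather than any ambient per-request state.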