ASP.NET Microsoft Identity 问题
ASP.NET Microsoft Identity issue
我有 asp.net mvc 项目,它使用 Microsoft Identity 成员资格。我的角色是:管理员、代理、客户、内容编辑、初级。 Junior 角色是最后添加的,我无法使用它登录。这是登录后调用的控制器:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using PoloCpi.Data.Services.Interfaces;
using PoloCpi.Model.ViewModels;
namespace PoloCpi.Web.Areas.Admin.Controllers
{
/// <summary>
/// Dashboard controller
/// </summary>
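[Authorize]
public class DashboardController : Controller
{
    // Paging values arrive from the query string, so they are clamped before they
    // reach the services: a page below 1 becomes 1, a page size below 1 falls back
    // to the default, and a page size above MaxPageSize is capped so one request
    // cannot ask for an unbounded result set.
    private const int FirstPage = 1;
    private const int DefaultPageSize = 10;
    // Constructed cap; tune it to what the dashboard widgets actually need.
    private const int MaxPageSize = 100;

    private readonly IJobService _obJobService;
    private readonly IAgentService _objAgentService;
    private readonly IHistoryLogsService _objHistoryLogsService;
    private readonly IFileUploadService _objFileUploadService;
    private readonly IJobReportService _objJobReportService;

    /// <summary>
    /// Creates the controller with the services the dashboard widgets read from.
    /// </summary>
    public DashboardController(IJobService obJobService, IAgentService objAgentService, IHistoryLogsService objHistoryLogsService, IFileUploadService objFileUploadService, IJobReportService objJobReportService)
    {
        _obJobService = obJobService;
        _objAgentService = objAgentService;
        _objHistoryLogsService = objHistoryLogsService;
        _objFileUploadService = objFileUploadService;
        _objJobReportService = objJobReportService;
    }

    //
    // GET: /Admin/Dashboard/
    /// <summary>
    /// Renders the dashboard shell; the widget actions below are loaded into it.
    /// Access is governed by the class-level [Authorize] (any signed-in user);
    /// narrow it with Roles at class level if the dashboard should not be visible
    /// to every role.
    /// </summary>
    public ActionResult Index()
    {
        return View();
    }

    /// <summary>
    /// Reminder dates for matters.
    /// </summary>
    /// <param name="page">1-based page index; values below 1 are treated as 1.</param>
    /// <param name="pageSize">Items per page; clamped to [1, MaxPageSize], default 10.</param>
    /// <returns>JSON for AJAX callers, otherwise the reminder-dates partial.</returns>
    public ActionResult MattersDateReminders(int page = 1, int pageSize = 10)
    {
        NormalizePaging(ref page, ref pageSize);
        var reminderDates = _obJobService.GetReminderDates(page, pageSize);
        ViewBag.Description = "Reminder dates";
        ViewBag.Container = "reminder-dates-container";
        ViewBag.ShowMoreId = "reminder-dates-show-more";
        return AjaxJsonOrPartial(
            new { reminderDates, page, pageSize },
            "~/Areas/Admin/Views/Partials/Dashboard/_MattersDateReminders.cshtml",
            reminderDates);
    }

    /// <summary>
    /// Last day of services.
    /// </summary>
    /// <param name="page">1-based page index; values below 1 are treated as 1.</param>
    /// <param name="pageSize">Items per page; clamped to [1, MaxPageSize], default 10.</param>
    /// <returns>JSON for AJAX callers, otherwise the shared date-reminders partial.</returns>
    public ActionResult LastDayOfServices(int page = 1, int pageSize = 10)
    {
        NormalizePaging(ref page, ref pageSize);
        var lastDayOfServices = _obJobService.GetLastDayOfServices(page, pageSize);
        ViewBag.Description = "Last day of services";
        ViewBag.Container = "last-dates-container";
        ViewBag.ShowMoreId = "last-dates-show-more";
        // Same partial as MattersDateReminders; presumably it is driven by the
        // ViewBag values set above — verify against the view.
        return AjaxJsonOrPartial(
            new { lastDayOfServices, page, pageSize },
            "~/Areas/Admin/Views/Partials/Dashboard/_MattersDateReminders.cshtml",
            lastDayOfServices);
    }

    /// <summary>
    /// Agent licenses that are about to expire.
    /// </summary>
    /// <param name="page">1-based page index; values below 1 are treated as 1.</param>
    /// <param name="pageSize">Items per page; clamped to [1, MaxPageSize], default 10.</param>
    /// <returns>JSON for AJAX callers, otherwise the agent-licenses partial.</returns>
    public ActionResult AgentLicenses(int page = 1, int pageSize = 10)
    {
        NormalizePaging(ref page, ref pageSize);
        var agentLicenses = _objAgentService.CheckForExpiringLicenses(page, pageSize);
        ViewBag.Title = "Agent Licenses";
        ViewBag.Controller = "Agent";
        ViewBag.Action = "GetAgentLicenses";
        ViewBag.Container = "agent-licenses-container";
        ViewBag.ShowMoreId = "agent-licenses-show-more";
        return AjaxJsonOrPartial(
            new { agentLicenses, page, pageSize },
            "~/Areas/Admin/Views/Partials/Dashboard/_AgentLicenses.cshtml",
            agentLicenses);
    }

    /// <summary>
    /// Agent report alerts.
    /// </summary>
    /// <param name="page">1-based page index; values below 1 are treated as 1.</param>
    /// <param name="pageSize">Items per page; clamped to [1, MaxPageSize], default 10.</param>
    /// <returns>JSON for AJAX callers, otherwise the shared alerts partial.</returns>
    public ActionResult AgentReports(int page = 1, int pageSize = 10)
    {
        NormalizePaging(ref page, ref pageSize);
        var jobReports = _objJobReportService.FindAgentReportAlerts(page, pageSize);
        ViewBag.Title = "Agent Reports";
        ViewBag.Controller = "Job";
        ViewBag.Action = "JobDetails";
        ViewBag.Container = "agent-reports-container";
        ViewBag.ShowMoreId = "agent-reports-show-more";
        // Reuses _AgentLicenses.cshtml; presumably a generic list partial driven by
        // ViewBag.Title/Controller/Action — verify against the view.
        return AjaxJsonOrPartial(
            new { jobReports, page, pageSize },
            "~/Areas/Admin/Views/Partials/Dashboard/_AgentLicenses.cshtml",
            jobReports);
    }

    /// <summary>
    /// File upload alerts.
    /// </summary>
    /// <param name="page">1-based page index; values below 1 are treated as 1.</param>
    /// <param name="pageSize">Items per page; clamped to [1, MaxPageSize], default 10.</param>
    /// <returns>JSON for AJAX callers, otherwise the shared alerts partial.</returns>
    public ActionResult FileUploads(int page = 1, int pageSize = 10)
    {
        NormalizePaging(ref page, ref pageSize);
        var fileUploads = _objFileUploadService.FindFileUploadsAlerts(page, pageSize);
        ViewBag.Title = "File Uploads";
        ViewBag.Controller = "FileUpload";
        ViewBag.Action = "Files";
        ViewBag.Container = "file-uploads-container";
        ViewBag.ShowMoreId = "file-uploads-show-more";
        return AjaxJsonOrPartial(
            new { fileUploads, page, pageSize },
            "~/Areas/Admin/Views/Partials/Dashboard/_AgentLicenses.cshtml",
            fileUploads);
    }

    /// <summary>
    /// Latest admin activity from the history log.
    /// </summary>
    /// <param name="page">1-based page index; values below 1 are treated as 1.</param>
    /// <param name="pageSize">Items per page; clamped to [1, MaxPageSize], default 10.</param>
    /// <returns>JSON for AJAX callers, otherwise the admin-activity partial.</returns>
    public ActionResult LatestActivityOfAdmins(int page = 1, int pageSize = 10)
    {
        NormalizePaging(ref page, ref pageSize);
        var latestActivities = _objHistoryLogsService.GetHistoryLogs(page, pageSize);
        return AjaxJsonOrPartial(
            new { latestActivities, page, pageSize },
            "~/Areas/Admin/Views/Partials/Dashboard/_LatestAdminActivity.cshtml",
            latestActivities);
    }

    /// <summary>
    /// Closed matters that have no invoice yet.
    /// </summary>
    /// <param name="page">1-based page index; values below 1 are treated as 1.</param>
    /// <param name="pageSize">Items per page; clamped to [1, MaxPageSize], default 10.</param>
    /// <returns>JSON for AJAX callers, otherwise the invoices partial.</returns>
    public ActionResult Invoices(int page = 1, int pageSize = 10)
    {
        NormalizePaging(ref page, ref pageSize);
        var invoiceAlerts = _obJobService.FindClosedMattersWithoutInvoice(page, pageSize);
        return AjaxJsonOrPartial(
            new { invoiceAlerts, page, pageSize },
            "~/Areas/Admin/Views/Partials/Dashboard/_Invoices.cshtml",
            invoiceAlerts);
    }

    /// <summary>
    /// Clamps caller-supplied paging values to a sane range and remembers them in
    /// TempData (keys "page" and "pageSize") for the partials' "show more" links.
    /// </summary>
    private void NormalizePaging(ref int page, ref int pageSize)
    {
        if (page < FirstPage)
        {
            page = FirstPage;
        }
        if (pageSize < 1)
        {
            pageSize = DefaultPageSize;
        }
        else if (pageSize > MaxPageSize)
        {
            pageSize = MaxPageSize;
        }
        TempData["page"] = page;
        TempData["pageSize"] = pageSize;
    }

    /// <summary>
    /// Returns <paramref name="jsonPayload"/> as JSON when the request is AJAX,
    /// otherwise renders <paramref name="partialViewPath"/> with <paramref name="model"/>.
    /// </summary>
    /// <remarks>
    /// AllowGet is used because every payload is a JSON object rather than a bare
    /// array, so MVC's GET guard (which exists for array hijacking) is not what
    /// protects this data; the class-level [Authorize] is.
    /// </remarks>
    private ActionResult AjaxJsonOrPartial(object jsonPayload, string partialViewPath, object model)
    {
        if (Request.IsAjaxRequest())
        {
            return Json(jsonPayload, JsonRequestBehavior.AllowGet);
        }
        return PartialView(partialViewPath, model);
    }
}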
}
就您所见,这里根本没有授权属性;按逻辑,如果我手动输入该 URL,应该能进入仪表板,但我却被重定向到登录页面。
这是我的登录操作:
/// <summary>
/// Login action for post data
/// </summary>
/// <param name="userModel">User model object</param>
/// <param name="returnUrl">Return url</param>
/// <returns>View</returns>
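[HttpPost]
[ValidateAntiForgeryToken]
[AllowAnonymous]
public async Task<ActionResult> Login(LoginViewModel userModel, string returnUrl)
{
    // Nothing in this action sends a signed-in user back to the login page; if
    // that still happens after the redirect below, the cause is an [Authorize]
    // elsewhere on the request path (for example a child action rendered by the
    // layout) whose role list does not include the role in question — inferred,
    // verify against the layout and the target controllers.
    if (!ModelState.IsValid)
    {
        return View(userModel);
    }

    // FindUser verifies the password, so null means "bad credentials". The resource
    // name STR_USER_EXISTS is what the view shows; it is kept as-is here.
    var applicationUser = await _objUserService.FindUser(userModel.UserName, userModel.Password);
    if (applicationUser == null)
    {
        ModelState.AddModelError(string.Empty, UIStrings.STR_USER_EXISTS);
        return View(userModel);
    }

    // Checked only after the credentials verified, so the "inactive" hint is
    // never shown to someone who does not know the password.
    if (!applicationUser.IsActive)
    {
        ModelState.AddModelError(string.Empty, UIStrings.STR_USER_NOT_ACTIVE);
        return View(userModel);
    }

    await _objUserService.SignIn(HttpContext.GetOwinContext().Authentication, applicationUser, userModel.RemeberMe);

    // The landing page depends on the role, which is read back by id. A failed
    // lookup used to throw a NullReferenceException after the sign-in had already
    // succeeded; it now falls through to the non-dashboard landing page.
    string userId = applicationUser.Id.ToString();
    var userWithRole = _objUserService.FindUserById(userId);
    string role = userWithRole == null ? null : userWithRole.Role;
    bool landsOnDashboard = role == "Admin" || role == "Junior";
    if (!landsOnDashboard)
    {
        return RedirectToAction("Index", "Job", new { Page = 1, Take = 10 });
    }

    // Url.IsLocalUrl keeps an attacker-supplied returnUrl from turning this into
    // an open redirect; anything non-local goes to the dashboard instead.
    if (!string.IsNullOrWhiteSpace(returnUrl) && Url.IsLocalUrl(returnUrl))
    {
        return Redirect(returnUrl);
    }
    return RedirectToAction("Index", "Dashboard");
}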
如果有人遇到过此类问题,我期待收到您的来信。
再强调一遍,这个问题只出现在 Junior(初级)角色上,系统中已有的其他角色都不受影响。
_objUserService 包含用于管理用户的方法,objRoleForCurrentUser.Role 的值为 "Junior"。用户已成功登录,但我没有被重定向到仪表板,而是被重定向到了登录页面。
这是登录代码,即默认的 ASP.NET 登录代码:
// Build the claims identity for the application cookie, then hand it to the
// OWIN authentication manager; the cookie outlives the browser session only
// when "remember me" was ticked.
var userIdentity = await _userManager.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie);
var authProperties = new AuthenticationProperties();
authProperties.IsPersistent = rememberMe;
authManager.SignIn(authProperties, userIdentity);
谢谢。
更有可能的情况是,您的布局(Layout)中呈现了一个子动作(child action),而该子动作本身标注了 [Authorize],或者位于标注了 [Authorize] 的控制器中,且未允许 Junior 角色。通常不应对子动作施加授权,除非它专门用于处理与用户对象相关的内容;即使在这种情况下,也应为其添加 [AllowAnonymous],这样就不需要授权。
我有 asp.net mvc 项目,它使用 Microsoft Identity 成员资格。我的角色是:管理员、代理、客户、内容编辑、初级。 Junior 角色是最后添加的,我无法使用它登录。这是登录后调用的控制器:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using PoloCpi.Data.Services.Interfaces;
using PoloCpi.Model.ViewModels;
namespace PoloCpi.Web.Areas.Admin.Controllers
{
/// <summary>
/// Dashboard controller
/// </summary>
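[Authorize]
public class DashboardController : Controller
{
    // Paging values arrive from the query string, so they are clamped before they
    // reach the services: a page below 1 becomes 1, a page size below 1 falls back
    // to the default, and a page size above MaxPageSize is capped so one request
    // cannot ask for an unbounded result set.
    private const int FirstPage = 1;
    private const int DefaultPageSize = 10;
    // Constructed cap; tune it to what the dashboard widgets actually need.
    private const int MaxPageSize = 100;

    private readonly IJobService _obJobService;
    private readonly IAgentService _objAgentService;
    private readonly IHistoryLogsService _objHistoryLogsService;
    private readonly IFileUploadService _objFileUploadService;
    private readonly IJobReportService _objJobReportService;

    /// <summary>
    /// Creates the controller with the services the dashboard widgets read from.
    /// </summary>
    public DashboardController(IJobService obJobService, IAgentService objAgentService, IHistoryLogsService objHistoryLogsService, IFileUploadService objFileUploadService, IJobReportService objJobReportService)
    {
        _obJobService = obJobService;
        _objAgentService = objAgentService;
        _objHistoryLogsService = objHistoryLogsService;
        _objFileUploadService = objFileUploadService;
        _objJobReportService = objJobReportService;
    }

    //
    // GET: /Admin/Dashboard/
    /// <summary>
    /// Renders the dashboard shell; the widget actions below are loaded into it.
    /// Access is governed by the class-level [Authorize] (any signed-in user);
    /// narrow it with Roles at class level if the dashboard should not be visible
    /// to every role.
    /// </summary>
    public ActionResult Index()
    {
        return View();
    }

    /// <summary>
    /// Reminder dates for matters.
    /// </summary>
    /// <param name="page">1-based page index; values below 1 are treated as 1.</param>
    /// <param name="pageSize">Items per page; clamped to [1, MaxPageSize], default 10.</param>
    /// <returns>JSON for AJAX callers, otherwise the reminder-dates partial.</returns>
    public ActionResult MattersDateReminders(int page = 1, int pageSize = 10)
    {
        NormalizePaging(ref page, ref pageSize);
        var reminderDates = _obJobService.GetReminderDates(page, pageSize);
        ViewBag.Description = "Reminder dates";
        ViewBag.Container = "reminder-dates-container";
        ViewBag.ShowMoreId = "reminder-dates-show-more";
        return AjaxJsonOrPartial(
            new { reminderDates, page, pageSize },
            "~/Areas/Admin/Views/Partials/Dashboard/_MattersDateReminders.cshtml",
            reminderDates);
    }

    /// <summary>
    /// Last day of services.
    /// </summary>
    /// <param name="page">1-based page index; values below 1 are treated as 1.</param>
    /// <param name="pageSize">Items per page; clamped to [1, MaxPageSize], default 10.</param>
    /// <returns>JSON for AJAX callers, otherwise the shared date-reminders partial.</returns>
    public ActionResult LastDayOfServices(int page = 1, int pageSize = 10)
    {
        NormalizePaging(ref page, ref pageSize);
        var lastDayOfServices = _obJobService.GetLastDayOfServices(page, pageSize);
        ViewBag.Description = "Last day of services";
        ViewBag.Container = "last-dates-container";
        ViewBag.ShowMoreId = "last-dates-show-more";
        // Same partial as MattersDateReminders; presumably it is driven by the
        // ViewBag values set above — verify against the view.
        return AjaxJsonOrPartial(
            new { lastDayOfServices, page, pageSize },
            "~/Areas/Admin/Views/Partials/Dashboard/_MattersDateReminders.cshtml",
            lastDayOfServices);
    }

    /// <summary>
    /// Agent licenses that are about to expire.
    /// </summary>
    /// <param name="page">1-based page index; values below 1 are treated as 1.</param>
    /// <param name="pageSize">Items per page; clamped to [1, MaxPageSize], default 10.</param>
    /// <returns>JSON for AJAX callers, otherwise the agent-licenses partial.</returns>
    public ActionResult AgentLicenses(int page = 1, int pageSize = 10)
    {
        NormalizePaging(ref page, ref pageSize);
        var agentLicenses = _objAgentService.CheckForExpiringLicenses(page, pageSize);
        ViewBag.Title = "Agent Licenses";
        ViewBag.Controller = "Agent";
        ViewBag.Action = "GetAgentLicenses";
        ViewBag.Container = "agent-licenses-container";
        ViewBag.ShowMoreId = "agent-licenses-show-more";
        return AjaxJsonOrPartial(
            new { agentLicenses, page, pageSize },
            "~/Areas/Admin/Views/Partials/Dashboard/_AgentLicenses.cshtml",
            agentLicenses);
    }

    /// <summary>
    /// Agent report alerts.
    /// </summary>
    /// <param name="page">1-based page index; values below 1 are treated as 1.</param>
    /// <param name="pageSize">Items per page; clamped to [1, MaxPageSize], default 10.</param>
    /// <returns>JSON for AJAX callers, otherwise the shared alerts partial.</returns>
    public ActionResult AgentReports(int page = 1, int pageSize = 10)
    {
        NormalizePaging(ref page, ref pageSize);
        var jobReports = _objJobReportService.FindAgentReportAlerts(page, pageSize);
        ViewBag.Title = "Agent Reports";
        ViewBag.Controller = "Job";
        ViewBag.Action = "JobDetails";
        ViewBag.Container = "agent-reports-container";
        ViewBag.ShowMoreId = "agent-reports-show-more";
        // Reuses _AgentLicenses.cshtml; presumably a generic list partial driven by
        // ViewBag.Title/Controller/Action — verify against the view.
        return AjaxJsonOrPartial(
            new { jobReports, page, pageSize },
            "~/Areas/Admin/Views/Partials/Dashboard/_AgentLicenses.cshtml",
            jobReports);
    }

    /// <summary>
    /// File upload alerts.
    /// </summary>
    /// <param name="page">1-based page index; values below 1 are treated as 1.</param>
    /// <param name="pageSize">Items per page; clamped to [1, MaxPageSize], default 10.</param>
    /// <returns>JSON for AJAX callers, otherwise the shared alerts partial.</returns>
    public ActionResult FileUploads(int page = 1, int pageSize = 10)
    {
        NormalizePaging(ref page, ref pageSize);
        var fileUploads = _objFileUploadService.FindFileUploadsAlerts(page, pageSize);
        ViewBag.Title = "File Uploads";
        ViewBag.Controller = "FileUpload";
        ViewBag.Action = "Files";
        ViewBag.Container = "file-uploads-container";
        ViewBag.ShowMoreId = "file-uploads-show-more";
        return AjaxJsonOrPartial(
            new { fileUploads, page, pageSize },
            "~/Areas/Admin/Views/Partials/Dashboard/_AgentLicenses.cshtml",
            fileUploads);
    }

    /// <summary>
    /// Latest admin activity from the history log.
    /// </summary>
    /// <param name="page">1-based page index; values below 1 are treated as 1.</param>
    /// <param name="pageSize">Items per page; clamped to [1, MaxPageSize], default 10.</param>
    /// <returns>JSON for AJAX callers, otherwise the admin-activity partial.</returns>
    public ActionResult LatestActivityOfAdmins(int page = 1, int pageSize = 10)
    {
        NormalizePaging(ref page, ref pageSize);
        var latestActivities = _objHistoryLogsService.GetHistoryLogs(page, pageSize);
        return AjaxJsonOrPartial(
            new { latestActivities, page, pageSize },
            "~/Areas/Admin/Views/Partials/Dashboard/_LatestAdminActivity.cshtml",
            latestActivities);
    }

    /// <summary>
    /// Closed matters that have no invoice yet.
    /// </summary>
    /// <param name="page">1-based page index; values below 1 are treated as 1.</param>
    /// <param name="pageSize">Items per page; clamped to [1, MaxPageSize], default 10.</param>
    /// <returns>JSON for AJAX callers, otherwise the invoices partial.</returns>
    public ActionResult Invoices(int page = 1, int pageSize = 10)
    {
        NormalizePaging(ref page, ref pageSize);
        var invoiceAlerts = _obJobService.FindClosedMattersWithoutInvoice(page, pageSize);
        return AjaxJsonOrPartial(
            new { invoiceAlerts, page, pageSize },
            "~/Areas/Admin/Views/Partials/Dashboard/_Invoices.cshtml",
            invoiceAlerts);
    }

    /// <summary>
    /// Clamps caller-supplied paging values to a sane range and remembers them in
    /// TempData (keys "page" and "pageSize") for the partials' "show more" links.
    /// </summary>
    private void NormalizePaging(ref int page, ref int pageSize)
    {
        if (page < FirstPage)
        {
            page = FirstPage;
        }
        if (pageSize < 1)
        {
            pageSize = DefaultPageSize;
        }
        else if (pageSize > MaxPageSize)
        {
            pageSize = MaxPageSize;
        }
        TempData["page"] = page;
        TempData["pageSize"] = pageSize;
    }

    /// <summary>
    /// Returns <paramref name="jsonPayload"/> as JSON when the request is AJAX,
    /// otherwise renders <paramref name="partialViewPath"/> with <paramref name="model"/>.
    /// </summary>
    /// <remarks>
    /// AllowGet is used because every payload is a JSON object rather than a bare
    /// array, so MVC's GET guard (which exists for array hijacking) is not what
    /// protects this data; the class-level [Authorize] is.
    /// </remarks>
    private ActionResult AjaxJsonOrPartial(object jsonPayload, string partialViewPath, object model)
    {
        if (Request.IsAjaxRequest())
        {
            return Json(jsonPayload, JsonRequestBehavior.AllowGet);
        }
        return PartialView(partialViewPath, model);
    }
}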
}
就您所见,这里根本没有授权属性;按逻辑,如果我手动输入该 URL,应该能进入仪表板,但我却被重定向到登录页面。
这是我的登录操作:
/// <summary>
/// Login action for post data
/// </summary>
/// <param name="userModel">User model object</param>
/// <param name="returnUrl">Return url</param>
/// <returns>View</returns>
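[HttpPost]
[ValidateAntiForgeryToken]
[AllowAnonymous]
public async Task<ActionResult> Login(LoginViewModel userModel, string returnUrl)
{
    // Nothing in this action sends a signed-in user back to the login page; if
    // that still happens after the redirect below, the cause is an [Authorize]
    // elsewhere on the request path (for example a child action rendered by the
    // layout) whose role list does not include the role in question — inferred,
    // verify against the layout and the target controllers.
    if (!ModelState.IsValid)
    {
        return View(userModel);
    }

    // FindUser verifies the password, so null means "bad credentials". The resource
    // name STR_USER_EXISTS is what the view shows; it is kept as-is here.
    var applicationUser = await _objUserService.FindUser(userModel.UserName, userModel.Password);
    if (applicationUser == null)
    {
        ModelState.AddModelError(string.Empty, UIStrings.STR_USER_EXISTS);
        return View(userModel);
    }

    // Checked only after the credentials verified, so the "inactive" hint is
    // never shown to someone who does not know the password.
    if (!applicationUser.IsActive)
    {
        ModelState.AddModelError(string.Empty, UIStrings.STR_USER_NOT_ACTIVE);
        return View(userModel);
    }

    await _objUserService.SignIn(HttpContext.GetOwinContext().Authentication, applicationUser, userModel.RemeberMe);

    // The landing page depends on the role, which is read back by id. A failed
    // lookup used to throw a NullReferenceException after the sign-in had already
    // succeeded; it now falls through to the non-dashboard landing page.
    string userId = applicationUser.Id.ToString();
    var userWithRole = _objUserService.FindUserById(userId);
    string role = userWithRole == null ? null : userWithRole.Role;
    bool landsOnDashboard = role == "Admin" || role == "Junior";
    if (!landsOnDashboard)
    {
        return RedirectToAction("Index", "Job", new { Page = 1, Take = 10 });
    }

    // Url.IsLocalUrl keeps an attacker-supplied returnUrl from turning this into
    // an open redirect; anything non-local goes to the dashboard instead.
    if (!string.IsNullOrWhiteSpace(returnUrl) && Url.IsLocalUrl(returnUrl))
    {
        return Redirect(returnUrl);
    }
    return RedirectToAction("Index", "Dashboard");
}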
如果有人遇到过此类问题,我期待收到您的来信。
再强调一遍,这个问题只出现在 Junior(初级)角色上,系统中已有的其他角色都不受影响。
_objUserService 包含用于管理用户的方法,objRoleForCurrentUser.Role 的值为 "Junior"。用户已成功登录,但我没有被重定向到仪表板,而是被重定向到了登录页面。
这是登录代码,即默认的 ASP.NET 登录代码:
// Build the claims identity for the application cookie, then hand it to the
// OWIN authentication manager; the cookie outlives the browser session only
// when "remember me" was ticked.
var userIdentity = await _userManager.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie);
var authProperties = new AuthenticationProperties();
authProperties.IsPersistent = rememberMe;
authManager.SignIn(authProperties, userIdentity);
谢谢。
更有可能的情况是,您的布局(Layout)中呈现了一个子动作(child action),而该子动作本身标注了 [Authorize],或者位于标注了 [Authorize] 的控制器中,且未允许 Junior 角色。通常不应对子动作施加授权,除非它专门用于处理与用户对象相关的内容;即使在这种情况下,也应为其添加 [AllowAnonymous],这样就不需要授权。