在 2.1 之前,我已经多次实施基于角色的身份验证.按照步骤搭建新的 2.1 标识.
我扩展了 IdentityUser 模型以添加其他字段,登录工作正常,新字段出现.
startup.cs 配置服务包含
services.AddDefaultIdentity().AddRoles<IdentityRole>().AddEntityFrameworkStores<ApplicationDbContext>();我为角色播种
IdentityRole 角色 = new IdentityRole();role.Name = "管理员";IdentityResult 角色结果 = 角色管理器.CreateAsync(role).Result;然后创建一个用户并添加到角色中
AppUser user = new AppUser();user.UserName = "管理员";user.Email = "admin@admin";user.Name = "管理员";user.LockoutEnabled = false;user.EmailConfirmed = true;IdentityResult 结果 = userManager.CreateAsync(user, "password").Result;如果(结果.成功){userManager.AddToRoleAsync(user, "Administrator").Wait();}一切顺利,数据库看起来很好(AspNetUserRoles 有链接)
但是,用角色装饰控制器总是会返回未授权
[授权(角色 = 管理员")]但是,使用 [Authorize](无角色)进行简单的登录检查即可.
我该如何解决这个问题/合并源代码的最简单方法是什么,以便我可以单步调试/调试 [Authorize] 标签?
解决方案如何解决
但是,用角色装饰控制器总是会返回未授权
[授权(角色 = 管理员")]这是 2.1 版本中的一个已知错误.在此处查看
调试AuthorizeFiler截图:
I've implemented role based auth several times pre 2.1. Followed the steps to scaffold the new 2.1 identities.
I extended the IdentityUser model to add additional fields, login works fine, new fields are present.
startup.cs configure services contains
services.AddDefaultIdentity<AppUser>() .AddRoles<IdentityRole>() .AddEntityFrameworkStores<ApplicationDbContext>();I seeded the roles
IdentityRole role = new IdentityRole(); role.Name = "Administrator"; IdentityResult roleResult = roleManager. CreateAsync(role).Result;Then created a user and added to the role
AppUser user = new AppUser(); user.UserName = "Admin"; user.Email = "admin@admin"; user.Name = "Administrator"; user.LockoutEnabled = false; user.EmailConfirmed = true; IdentityResult result = userManager.CreateAsync(user, "password").Result; if (result.Succeeded) { userManager.AddToRoleAsync(user, "Administrator").Wait(); }Everything succeeded, and the database looks fine (AspNetUserRoles has links)
However, decorating a controller with a role will always return not authorized
[Authorize(Roles = "Administrator")]But, a simple login check with [Authorize] (no role) will work.
How might I fix this/what is the easiest way to incorporate the source code so I can step through/debug the [Authorize] tags?
解决方案How to fix
However, decorating a controller with a role will always return not authorized
[Authorize(Roles = "Administrator")]
It's a known bug in the version of 2.1 . See issue here .
I follow the advice of using the old api suggested by HaoK and C-BERBER , and it now works flawlessly .
Here's my DbContext:
public class ApplicationDbContext : IdentityDbContext<AppUser,IdentityRole,string> { public ApplicationDbContext(DbContextOptions<ApplicationDbContext> options) : base(options) { } }Configure the identity using the old-style api :
services.AddIdentity<AppUser, IdentityRole>() .AddRoleManager<RoleManager<IdentityRole>>() .AddDefaultUI() .AddDefaultTokenProviders() .AddEntityFrameworkStores<ApplicationDbContext>();Lastly , logout and re-signin , it will work as expected now .
How to Debug source codeI guess you won't want to debug the AuthorizeAttribe itself , since it is processed at compile-time . If you mean to debug the AuthorizeFilter , you can follow the steps as below :
click Tools -> Options -> Debugging
And you can debug the source code now . However , due to the way that filter works , you need set a breakpoint before MVC . I just set a dummy middleware that will take place before the MVC router handler :
The screenshot of debugging AuthorizeFiler :
更多推荐
.net 核心身份 2.1 角色授权不起作用
发布评论