问题描述
我正在写一个ASP.NET MVC应用程序,我使用的是默认的IPrincipal,的IIdentity等窗体身份验证。
I'm writing an ASP.NET MVC application and I'm using forms authentication with the default IPrincipal, IIDentity, etc.
在我的身份验证票证我存储的用户名中的名称参数。
In my authentication ticket I'm storing the username in the name parameter.
不过,我运行到哪里的实例在每次请求我的主人的布局不仅需要用户名,而且用户的电子邮件和用户ID访问。
However, I'm running into instances where on every request my master layout needs access to not only the username, but also the email and userid of the user.
我需要的电子邮件,以便我可以加载为用户gravitar图标,用户名,所以我可以在上面扎有一个友好的显示名称,用户ID,所以我可以定义特定于该用户ID的某些环节(即/用户/编辑/ 2332)。
I need the email so I can load a gravitar icon for the user, the username so I can have a friendly display name in the top bar, and the userid so I can define certain links specific to that userid (ie, /users/edit/2332).
什么是存储不只是用户名,而且用户ID和电子邮件干净的方式?
What is the cleanest way to store not just the username but also the userid and email?
自定义用户/身份对象?缓存?会议?一些其他的方式?
Custom Principal/Identity objects? Cache? Session? Some other way?
推荐答案
使用自定义的的IPrincipal 对象与自己的cookie管理。
Use a custom IPrincipal object with your own cookie management.
我会建议序列化自定义IPrinicipal对象JSON和你cookie.UserData设置序列化的字符串。这是很容易当饼干回来的反序列化。
I would suggest serializing the custom IPrinicipal object to JSON and setting your cookie.UserData to the serialized string. That was it's easy to deserialize when the cookie comes back in.
编辑:自定义IPrincipal对象和验证cookie管理示例
的的IPrincipal 对象的(注意我用的序列化)的
The IPrincipal object (note I'm using Json.NET for serialization)
public class SimplePrincipal : IPrincipal
{
private IIdentity _identity;
[JsonIgnore]
public IIdentity Identity
{
get { return _identity ?? (_identity = new GenericIdentity(Name)); }
}
public string Name { get; set; }
public int WebUserId { get; set; }
public string Email { get; set; }
public long FacebookUserId { get; set; }
public IEnumerable<string> Roles { get; set; }
public bool IsInRole(string role)
{
return Roles.Contains(role);
}
/// <summary>
/// Get's a JSON serialized string of a SimplePrincipal object
/// </summary>
public static string GetCookieUserData(SimplePrincipal principal)
{
return JsonConvert.SerializeObject(principal);
}
/// <summary>
/// Creates a SimplePrincipal object using a JSON string from the asp.net auth cookie
/// </summary>
public static SimplePrincipal CreatePrincipalFromCookieData(string userData)
{
return JsonConvert.DeserializeObject<SimplePrincipal>(userData);
}
}
登录方法
private void LoginUser(SimplePrincipal principal, bool isPersistent)
{
var userData = SimplePrincipal.GetCookieUserData(principal);
var authCookie = FormsAuthService.GetAuthCookie(principal.Name, userData, isPersistent);
Response.Cookies.Add(authCookie);
}
验证模块
public class AuthModule : IHttpModule
{
public void Init(HttpApplication context)
{
context.AuthenticateRequest += Application_AuthenticateRequest;
}
private void Application_AuthenticateRequest(Object source, EventArgs e)
{
var application = (HttpApplication)source;
var context = application.Context;
// Get the authentication cookie
string cookieName = FormsAuthentication.FormsCookieName;
HttpCookie authCookie = context.Request.Cookies[cookieName];
if (authCookie == null)
return;
var authTicket = FormsAuthentication.Decrypt(authCookie.Value);
context.User = SimplePrincipal.CreatePrincipalFromCookieData(authTicket.UserData);
}
public void Dispose()
{
//Don't do anything
}
}
在这一切的接线是否正确,你可以简单地获取对象是这样的:
After all this is wired up correctly, you can simply get the object something like:
var principal = HttpContext.Current.User as SimplePrincipal
这篇关于我在哪里可以存储电子邮件和用户id在我的ASP.NET MVC应用程序,所以我不必每个请求找回?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!