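How to resolve User.IsInRole returning false the first time an HTTPPOST method is called, but true the second time it is called

I am working on an authorization/authentication project and am currently facing a problem with role-based authentication. Whenever I try to log in with a pre-created user account, I have to go through the HTTPPOST twice before I am actually logged in.

The user is signed in, but after passing the result.Succeeded check, it does not recognize that the logged-in User is in the Admin role. If I click the login button again, it passes the User.IsInRole("Admin") check as expected.

HTTPPOST method: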

    /// <summary>
    /// Logs a user in
    /// </summary>
    /// <param name="loginForm"></param>
    /// <returns></returns>
    [HttpPost]
    [AllowAnonymous]
    public async Task<IActionResult> Login(LoginForm loginForm)
    {
        // search for a user that matches the username and password from loginForm
        var result = await _signInManager.PasswordSignInAsync(loginForm.Username, loginForm.Password, true, false);
        // if a match is found, user is logged in
        if (result.Succeeded)
        {
            if (User.IsInRole("Admin"))
            {
                // create a viewbag of type List with all available licensetypes to later on show in a dropdown list
                ViewBag.LicenseTypes = Enum.GetValues(typeof(RegisterForm.Types))
                    .Cast<RegisterForm.Types>()
                    .Select(v => v.ToString())
                    .ToList();
                return View("Register");
            }
            else if (User.IsInRole("Pirate"))
                return RedirectToAction(nameof(Index), "Ship");
        }
        return View();
    }

Seed data, in case it is relevant:

    public static async Task SeedUsersAsync(UserManager<AppUser> userManager, RoleManager<IdentityRole> roleManager)
    {
        // create an admin role
        // check if an Admin user already exists
        if (userManager.FindByNameAsync("Admin").Result == null)
        {
            // create new identity user named Admin
            AppUser user = new AppUser
            {
                UserName = "Admin",
                LicensePlate = "Admin",
                LicenseType = "Z",
                SecretCode = "Admin123!"
            };
            IdentityResult result = userManager.CreateAsync(user, "Admin123!").Result;
            // check if user has been created successfully
            if (result.Succeeded)
            {
                // check if an Admin role already exists
                if (!roleManager.RoleExistsAsync("Admin").Result)
                {
                    // create new identity admin role
                    IdentityRole role = new IdentityRole
                    {
                        Name = "Admin",
                        NormalizedName = "ADMIN",
                        ConcurrencyStamp = "Admin"
                    };
                    IdentityResult roleResult = roleManager.CreateAsync(role).Result;
                    // add claims to admin role
                    await roleManager.AddClaimAsync(role, new Claim("Username", user.UserName ?? ""));
                    await roleManager.AddClaimAsync(role, new Claim("Register Pirates", "User can register temporary pirates"));
                    // check if user already has admin role
                    if (!await userManager.IsInRoleAsync(user, role.Name))
                    {
                        // add admin user to admin role
                        await userManager.AddToRoleAsync(user, role.Name);
                    }
                }
            }
        }
    }

In short, why doesn't it work the first time? Thanks in advance.
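
Added example, not part of the original question: one way to make the role check work on the first POST is to read the roles of the account that just authenticated from the Identity store instead of from `User`, which was populated before the sign-in cookie existed. The controller name `AccountController` and the injected `_userManager` field are assumptions; `AppUser`, `LoginForm` and `RegisterForm` are the question's own types.

```csharp
using System;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;

// AccountController and _userManager are assumed names; AppUser, LoginForm and
// RegisterForm are the types from the question.
public class AccountController : Controller
{
    private readonly SignInManager<AppUser> _signInManager;
    private readonly UserManager<AppUser> _userManager;

    public AccountController(SignInManager<AppUser> signInManager, UserManager<AppUser> userManager)
    {
        _signInManager = signInManager;
        _userManager = userManager;
    }

    [HttpPost]
    [AllowAnonymous]
    public async Task<IActionResult> Login(LoginForm loginForm)
    {
        var result = await _signInManager.PasswordSignInAsync(
            loginForm.Username, loginForm.Password, true, false);
        if (!result.Succeeded)
            return View();

        // HttpContext.User was built from the incoming request, which carried no
        // auth cookie yet, so it is still anonymous here. Read roles from the store.
        var user = await _userManager.FindByNameAsync(loginForm.Username);
        if (user == null)
            return View();

        if (await _userManager.IsInRoleAsync(user, "Admin"))
        {
            ViewBag.LicenseTypes = Enum.GetValues(typeof(RegisterForm.Types))
                .Cast<RegisterForm.Types>()
                .Select(v => v.ToString())
                .ToList();
            return View("Register");
        }
        if (await _userManager.IsInRoleAsync(user, "Pirate"))
            return RedirectToAction("Index", "Ship");

        return View();
    }
}
```

The second click succeeds in the original code because that request carries the cookie issued by the first one, so the authentication middleware builds `User` with its role claims before the action runs.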