在JWT Bearer的身份OnTokenValidated事件中插入更多声明

问题描述 投票:1回答:1

目前,我正在使用角4和网核1.1制作SPA。我的系统使用JWT来检查用户身份。每当用户访问我的系统时,我想检查他/她在数据库中的身份(状态,角色)并更新到HttpContext.Identity。

这是我的代码:

OnTokenValidated = async context =>
{
    // Find unit of work.
    var unitOfWork = context.HttpContext.RequestServices.GetService<IUnitOfWork>();
    var identityService = context.HttpContext.RequestServices.GetService<IIdentityService>();

    // Find claim identity attached to principal.
    var claimIdentity = (ClaimsIdentity)context.Ticket.Principal.Identity;

    // Find email from claims list.
    var email =
        claimIdentity.Claims.Where(x => x.Type.Equals(ClaimTypes.Email))
            .Select(x => x.Value)
            .FirstOrDefault();

    // Email is invalid.
    if (string.IsNullOrEmpty(email))
        return;

    // Find account information.
    var condition = new SearchAccountViewModel();
    condition.Email = new TextSearch();
    condition.Email.Value = email;
    condition.Email.Mode = TextComparision.Equal;

    // Find accounts based on conditions.
    var accounts = unitOfWork.RepositoryAccounts.Search();
    accounts = unitOfWork.RepositoryAccounts.Search(accounts, condition);

    // Find the first matched account in the system.
    var account = await accounts.FirstOrDefaultAsync();

    // Account is not found.
    if (account == null)
        return;

    var identity = (ClaimsIdentity) identityService.InitiateIdentity(account);
    identity.AddClaim(new Claim(ClaimTypes.Role, Enum.GetName(typeof(Roles), account.Role)));
    identity.AddClaim(new Claim(ClaimTypes.Authentication, Enum.GetName(typeof(Statuses), account.Status)));

    context.HttpContext.User = new ClaimsPrincipal(identity);
}

在我的AccountController.cs中,我有一个函数:

/// <summary>
/// Find personal profile.
/// </summary>
/// <returns></returns>
[HttpGet("personal-profile")]
public IActionResult FindProfile()
{
    var identity = (ClaimsIdentity) Request.HttpContext.User.Identity;
    var claims = identity.Claims.ToDictionary(x => x.Type, x => x.Value);
    return Ok(claims);
}

这是我的结果:

{
  "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress": "[email protected]",
  "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name": "Goldarina Wharrier",
  "auth_time": "1494072536661.38",
  "nbf": "1494043736",
  "exp": "1494047336",
  "iss": "iConfess Ordinary",
  "aud": "http://localhost:5001"
}

身份中没有任何角色或身份。我的问题是: - 在验证令牌和在数据库中搜索用户信息后,如何在请求身份中添加更多声明。

有人可以帮帮我吗?

谢谢,

c# asp.net-core jwt asp.net-core-webapi json-web-token
1个回答
0
投票

试试这个:

context.Principal.AddIdentity(identity);
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.