我正在我的 Blazor 应用程序中构建一个简单的自定义身份验证方法。登录用户必须通过 Razor
<AuthorizeView>我可以通过向
ClaimsPrincipalAuthenticationStateClaimsIdentityAuthorizeView 时使用的信息)来使其工作。指定了 Role 或 Policy我找到的解决方法是在主体登录时将名为“loggedin”的角色插入主体(通过新的
ClaimsIdentityClaimsIdentity<AuthorizeView Role="loggedin">Policy那么,指定页面仅对经过身份验证的用户可见(没有其他条件)并控制用户的身份验证状态的最简洁方法是什么,仅使用 Razor
AuthorizeViewClaimsPrincipal ClaimsIdentity由于您的问题很少涉及代码,因此这里有一个有关如何执行我认为您想要的操作的演示。这是基于 Blazor 服务器。
它使用自定义的
AuthenticationStateProviderClaimsIdentityClaimsPrincipal自定义身份验证状态提供者:
public class MyAuthenticationProvider : ServerAuthenticationStateProvider
{
ClaimsPrincipal? _user;
IEnumerable<Claim>? _claims;
public async override Task<AuthenticationState> GetAuthenticationStateAsync()
{
var authState = await base.GetAuthenticationStateAsync();
var user = authState.User;
if (user.Identity?.IsAuthenticated ?? false)
_claims = user.Identities.FirstOrDefault()?.Claims ?? Enumerable.Empty<Claim>();
return authState;
}
public Task LogOutIdentityAsync()
{
_user = new ClaimsPrincipal(new ClaimsIdentity(_claims, null));
var newState = new AuthenticationState(_user);
this.NotifyAuthenticationStateChanged(Task.FromResult<AuthenticationState>(newState));
return Task.CompletedTask;
}
public Task LogInIdentityAsync()
{
_user = new ClaimsPrincipal(new ClaimsIdentity(_claims, "nlm"));
var newState = new AuthenticationState(_user);
this.NotifyAuthenticationStateChanged(Task.FromResult<AuthenticationState>(newState));
return Task.CompletedTask;
}
}
已注册:
// at the end of services definitions
builder.Services.AddScoped<AuthenticationStateProvider, MyAuthenticationProvider>();
用于切换身份验证的演示布局。
@inherits LayoutComponentBase
@inject AuthenticationStateProvider _authProvider
<PageTitle>BlazorApp1</PageTitle>
<div class="page">
<div class="sidebar">
<NavMenu />
</div>
<main>
<div class="top-row px-4 auth">
<button class="btn btn-primary" @onclick="ToggleAuth">Toggle</button>
<LoginDisplay />
<a href="https://docs.microsoft.com/aspnet/" target="_blank">About</a>
</div>
<article class="content px-4">
@Body
</article>
</main>
</div>
@code {
bool _authState = true;
void ToggleAuth()
{
if (_authState)
((MyAuthenticationProvider)_authProvider).LogOutIdentityAsync();
else
((MyAuthenticationProvider)_authProvider).LogInIdentityAsync();
_authState = !_authState;
}
}