如何解决如何添加基于角色的授权
如何创建基于角色的功能?
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
try
{
ClyBayEntities clyBayEntitiesContext = new ClyBayEntities();
UserFunctions userFunctions = new UserFunctions();
// here we check whether the username and pasword is valid
var userManager = context.OwinContext.GetUserManager<ApplicationUserManager>();
ApplicationUser user = await userManager.FindAsync(RijndaelEncryption.Encrypt(context.UserName.Trim()),context.Password);
if (user == null)
{
Log.Info(" user == null ::: The user name and / or password is incorrect.");
context.SetError("invalid_grant","The user name and/or password is incorrect.");
return;
}
if (user!=null && user.LockoutEnabled==true)
{
Log.Info(" user exist ::: but user is lockout");
context.SetError("invalid_grant","The user name and/or password is incorrect.");
return;
}
if (!userManager.IsPhoneNumberConfirmed(user.Id))
{
context.SetError("invalid_grant","Please Confirm Your Phone Number! Number Is Not Verified Yet");
return;
}
// Get the userdetails from the db
User userDetails = clyBayEntitiesContext.Users.FirstOrDefault(x => x.AspNetUserId == user.Id);
if (userDetails.IsDeleted == true)
{
Log.Info(" user exist ::: but IsDeleted value is true");
context.SetError("invalid_grant","The user name and/or password is incorrect.");
return;
}
// mod: tur461
var r = await userManager.GetRolesAsync(user.Id);
string Role = r.Take(1).SingleOrDefault();
if (userDetails.VerificationStatus == false)
{
//context.SetError("invalid_grant","Your Account has been suspended. Please contact Administrator.");
context.SetError("invalid_grant","Please contact admin to verify.");
return;
}
// Here create an identity for the requesting user
ClaimsIdentity identity = new ClaimsIdentity(context.Options.AuthenticationType);
identity.AddClaim(new Claim(ClaimTypes.Name,context.UserName));
identity.AddClaim(new Claim("UserId",userDetails.AspNetUserId.ToString()));
identity.AddClaim(new Claim("Id",userDetails.ID.ToString()));
// identity.AddClaim(new Claim("EmailId","Email Not Defined"));//userDetails.Email
identity.AddClaim(new Claim("Name",userDetails.Name.ToString()));
identity.AddClaim(new Claim("PhoneNumber",userDetails.PhoneNo.ToString()));
identity.AddClaim(new Claim("RoleName",Role));
AuthenticationProperties properties = CreateProperties(Role);
AuthenticationTicket ticket = new AuthenticationTicket(identity,properties);
context.Validated(ticket);
userFunctions.SaveLoginActivity(userDetails.ID);
//.Info(" identity ::: " + identity);
return;
}
catch (Exception ex)
{
Log.Error("Start log ERROR..." + ex);
throw;
}
}
解决方法
如果您使用 function 一词来指代控制器动作,则需要替换此行代码
Traceback (most recent call last):
File "C:\Users\dev\PycharmProjects\books\venv\lib\site-packages\django_elasticsearch_dsl\fields.py",line 53,in get_value_from_instance
instance = instance[attr]
TypeError: 'BookType' object is not subscriptable
During handling of the above exception,another exception occurred:
Traceback (most recent call last):
File "C:\Users\dev\PycharmProjects\books\venv\lib\site-packages\django_elasticsearch_dsl\fields.py",line 59,in get_value_from_instance
instance = getattr(instance,attr)
AttributeError: 'BookType' object has no attribute 'price'
During handling of the above exception,another exception occurred:
Traceback (most recent call last):
File "C:\Users\dev\PycharmProjects\books\venv\lib\site-packages\django_elasticsearch_dsl\fields.py",line 64,in get_value_from_instance
instance = instance[int(attr)]
ValueError: invalid literal for int() with base 10: 'price'
File "C:\Users\dev\PycharmProjects\books\venv\lib\site-packages\django_elasticsearch_dsl\fields.py",line 69,in get_value_from_instance
raise VariableLookupError(
django_elasticsearch_dsl.exceptions.VariableLookupError: Failed lookup for key [price] in <BookType: Hard Cover>
Exception ignored in: <generator object cursor_iter at 0x00000000052F07B0>
Traceback (most recent call last):
File "C:\Users\dev\PycharmProjects\books\venv\lib\site-packages\django\db\models\sql\compiler.py",line 1586,in cursor_iter
cursor.close()
sqlite3.ProgrammingError: Cannot operate on a closed database.
与此
identity.AddClaim(new Claim("RoleName",Role));
此后,您应该可以在要保护的操作上使用identity.AddClaim(new Claim(ClaimsType.Role,Role));
。
AuthorizeAttribute
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。