在前一篇贴文中,已探索过如何在MVC5中自定
ASP.NET Identity,接下来要来试试在MVC5中如何运用
ASP.NET Identity来设定一个以 "角色"为基础的授权机制。为了方便起见,简化了这个认证机制的内容,同时假设这是一个公司内部使用的应用程序,所以拿掉了"注册"的功能,所有的使用账 号管理都必须透过某一管理权限(Admin)的使用者来进行,也就是说只有具备有 Admin 角色的使用者可以执行”账户管理"的功能。
贴文内容:
建立MVC5新项目
修改相关 Mdels
扩展Identity Management Mdel
加入新字段
建立Helper Class
扩展Accunt Management ViewMdels (AccuntViewMdels.cs)
在RegisterViewMdel加入新字段 及 GetUser methd
新增 EditUserViewMdel、SelectUserRlesViewMdel、SelectRleEditrViewMdel
修改相关 Cntrllers
修改AccuntCntrller 中 Register Methd 加入 Authrize attribute
加入 Index Methd (ActinResult)
加入 Edit Methd (ActinResult)
加入 Delete Methd (ActinResult)
加入 UserRles Methd (ActinResult)
修改相关 Views
修改Register.cshtml View
新增Edit、Delete、Index 等方法的Views
新增UserRles.cshtml View 并 新增程序代码
新增 SelectRleEditrViewMdel.cshtml 在 Shared/EditrTemplates目录下
在主页面上新增”账号管理" 功能按钮
移除主页面上的注册功能
启动 Migratin功能
在Seed()方法中加入建立测试数据的程序代码
更新数据库
执行结果
建立MVC5新项目
修改相关 Models
1. 扩展Identity Management Model (IdentityModels.cs)
加入新字段:为使用者数据多加三个属性字段,分别是FirstName、LastName、Email。
建立Helper Class:利用Asp.Net Identity API建立一个 Identity Management Helper class: IdentityManager class,包含有建立角色、建立使用者...等功能。
IdentityModels.cs 完整程序
01.
using Microsoft.AspNet.Identity;
02.
using Microsoft.AspNet.Identity.EntityFramework;
03.
using System.Collections.Generic;
04.
using System.ComponentModel.DataAnnotations;
05.
06.
namespace RoleBaseProject.Models
07.
{
08.
// You can add profile data for the user by adding more properties to your ApplicationUser class, please visit http://go.microsoft.com/fwlink/?LinkID=317594 to learn more.
09.
public class ApplicationUser : IdentityUser
10.
{
11.
[Required]
12.
public string FirstName { get; set; }
13.
14.
[Required]
15.
public string LastName { get; set; }
16.
[Required]
17.
public string Email { get; set; }
18.
}
19.
20.
public class ApplicationDbContext : IdentityDbContext<ApplicationUser>
21.
{
22.
public ApplicationDbContext()
23.
: base("DefaultConnection")
24.
{
25.
}
26.
}
27.
28.
public class IdentityManager
29.
{
30.
// 判断角色是否已在存在
31.
public bool RoleExists(string name)
32.
{
33.
var rm = new RoleManager<IdentityRole>(
34.
new RoleStore<IdentityRole>(new ApplicationDbContext()));
35.
return rm.RoleExists(name);
36.
}
37.
// 新增角色
38.
public bool CreateRole(string name)
39.
{
40.
var rm = new RoleManager<IdentityRole>(
41.
new RoleStore<IdentityRole>(new ApplicationDbContext()));
42.
var idResult = rm.Create(new IdentityRole(name));
43.
return idResult.Succeeded;
44.
}
45.
// 新增角色
46.
public bool CreateUser(ApplicationUser user, string pass<a href="http://www.it165.net/edu/ebg/" target="_blank" class="keylink">word</a>)
47.
{
48.
var um = new UserManager<ApplicationUser>(
49.
new UserStore<ApplicationUser>(new ApplicationDbContext()));
50.
var idResult = um.Create(user, pass<a href="http://www.it165.net/edu/ebg/" target="_blank" class="keylink">word</a>);
51.
return idResult.Succeeded;
52.
}
53.
// 将使用者加入角色中
54.
public bool AddUserToRole(string userId, string roleName)
55.
{
56.
var um = new UserManager<ApplicationUser>(
57.
new UserStore<ApplicationUser>(new ApplicationDbContext()));
58.
var idResult = um.AddToRole(userId, roleName);
59.
return idResult.Succeeded;
60.
}
61.
// 清除使用者的角色设定
62.
public void ClearUserRoles(string userId)
63.
{
64.
var um = new UserManager<ApplicationUser>(
65.
new UserStore<ApplicationUser>(new ApplicationDbContext()));
66.
var user = um.FindById(userId);
67.
var currentRoles = new List<IdentityUserRole>();
68.
currentRoles.AddRange(user.Roles);
69.
foreach(var role in currentRoles)
70.
{
71.
um.RemoveFromRole(userId, role.Role.Name);
72.
}
73.
}
74.
}
75.
}
2. 扩展Account Management ViewModels (AccountViewModels.cs)
在RegisterViewModel加入新字段 及 GetUser method
针对要新增的"账号管理"功能新增三个ViewModel,分别是: EditUserViewModel、SelectUserRolesViewModel、SelectRoleEditorViewModel
AccountViewModels.cs 完整程序
001.
using Microsoft.AspNet.Identity.EntityFramework;
002.
using System.Collections.Generic;
003.
using System.ComponentModel.DataAnnotations;
004.
005.
namespace RoleBaseProject.Models
006.
{
007.
public class ExternalLoginConfirmationViewModel
008.
{
009.
[Required]
010.
[Display(Name = "使用者名称")]
011.
public string UserName { get; set; }
012.
}
013.
014.
public class ManageUserViewModel
015.
{
016.
[Required]
017.
[DataType(DataType.Password)]
018.
[Display(Name = "目前密码")]
019.
public string OldPassword { get; set; }
020.
021.
[Required]
022.
[StringLength(100, ErrorMessage = "{0} 的长度至少必须为 {2} 个字符。", MinimumLength = 6)]
023.
[DataType(DataType.Password)]
024.
[Display(Name = "新密码")]
025.
public string NewPassword { get; set; }
026.
027.
[DataType(DataType.Password)]
028.
[Display(Name = "确认新密码")]
029.
[Compare("NewPassword", ErrorMessage = "新密码与确认密码不相符。")]
030.
public string ConfirmPassword { get; set; }
031.
}
032.
033.
public class LoginViewModel
034.
{
035.
[Required]
036.
[Display(Name = "使用者名称")]
037.
public string UserName { get; set; }
038.
039.
[Required]
040.
[DataType(DataType.Password)]
041.
[Display(Name = "密码")]
042.
public string Password { get; set; }
043.
044.
[Display(Name = "记住我?")]
045.
public bool RememberMe { get; set; }
046.
}
047.
048.
public class RegisterViewModel
049.
{
050.
[Required]
051.
[Display(Name = "使用者名称")]
052.
public string UserName { get; set; }
053.
054.
[Required]
055.
[StringLength(100, ErrorMessage = "{0} 的长度至少必须为 {2} 个字符。", MinimumLength = 6)]
056.
[DataType(DataType.Password)]
057.
[Display(Name = "密码")]
058.
public string Password { get; set; }
059.
060.
[DataType(DataType.Password)]
061.
[Display(Name = "确认密码")]
062.
[Compare("Password", ErrorMessage = "密码和确认密码不相符。")]
063.
public string ConfirmPassword { get; set; }
064.
065.
[Required]
066.
[Display(Name = "First Name")]
067.
public string FirstName { get; set; }
068.
069.
[Required]
070.
[Display(Name = "Last Name")]
071.
public string LastName { get; set; }
072.
073.
[Required]
074.
[Display(Name = "电子邮件信箱")]
075.
public string Email { get; set; }
076.
077.
public ApplicationUser GetUser()
078.
{
079.
var user = new ApplicationUser()
080.
{
081.
UserName = this.UserName,
082.
FirstName = this.FirstName,
083.
LastName = this.LastName,
084.
Email = this.Email,
085.
};
086.
return user;
087.
}
088.
}
089.
090.
public class EditUserViewModel
091.
{
092.
public EditUserViewModel() { }
093.
094.
// Allow Initialization with an instance of ApplicationUser:
095.
public EditUserViewModel(ApplicationUser user)
096.
{
097.
this.UserName = user.UserName;
098.
this.FirstName = user.FirstName;
099.
this.LastName = user.LastName;
100.
this.Email = user.Email;
101.
}
102.
103.
[Required]
104.
[Display(Name = "使用者账号")]
105.
public string UserName { get; set; }
106.
107.
[Required]
108.
[Display(Name = "名")]
109.
public string FirstName { get; set; }
110.
111.
[Required]
112.
[Display(Name = "姓")]
113.
public string LastName { get; set; }
114.
115.
[Required]
116.
[Display(Name = "电子邮件信箱")]
117.
public string Email { get; set; }
118.
}
119.
120.
public class SelectUserRolesViewModel
121.
{
122.
public SelectUserRolesViewModel()
123.
{
124.
this.Roles = new List<SelectRoleEditorViewModel>();
125.
}
126.
127.
// Enable initialization with an instance of ApplicationUser:
128.
public SelectUserRolesViewModel(ApplicationUser user)
129.
: this()
130.
{
131.
this.UserName = user.UserName;
132.
this.FirstName = user.FirstName;
133.
this.LastName = user.LastName;
134.
135.
var Db = new ApplicationDbContext();
136.
137.
// Add all available roles to the list of EditorViewModels:
138.
var allRoles = Db.Roles;
139.
foreach (var role in allRoles)
140.
{
141.
// An EditorViewModel will be used by Editor Template:
142.
var rvm = new SelectRoleEditorViewModel(role);
143.
this.Roles.Add(rvm);
144.
}
145.
146.
// Set the Selected property to true for those roles for
147.
// which the current user is a member:
148.
foreach (var userRole in user.Roles)
149.
{
150.
var checkUserRole =
151.
this.Roles.Find(r => r.RoleName == userRole.Role.Name);
152.
checkUserRole.Selected = true;
153.
}
154.
}
155.
156.
public string UserName { get; set; }
157.
public string FirstName { get; set; }
158.
public string LastName { get; set; }
159.
public List<SelectRoleEditorViewModel> Roles { get; set; }
160.
}
161.
162.
// Used to display a single role with a checkbox, within a list structure:
163.
public class SelectRoleEditorViewModel
164.
{
165.
public SelectRoleEditorViewModel() { }
166.
public SelectRoleEditorViewModel(IdentityRole role)
167.
{
168.
this.RoleName = role.Name;
169.
}
170.
171.
public bool Selected { get; set; }
172.
173.
[Required]
174.
public string RoleName { get; set; }
175.
}
176.
177.
}
修改相关 Controllers
修改AccountController 中 Register Method 加入 Authorize attribute
必须具有Admin 角色者才能执行。
加入 Index Method (ActionResult)
01.
[Authorize(Roles = "Admin")]
02.
public ActionResult Index()
03.
{
04.
var Db = new ApplicationDbContext();
05.
var users = Db.Users;
06.
var model = new List<EditUserViewModel>();
07.
foreach(var user in users)
08.
{
09.
var u = new EditUserViewModel(user);
10.
model.Add(u);
11.
}
12.
return View(model);
13.
}
加入 Edit Method (ActionResult)
01.
//
02.
// GEG: /Account/Edit
03.
[Authorize(Roles = "Admin")]
04.
public ActionResult Edit(string id , ManageMessageId? Message = null)
05.
{
06.
var Db = new ApplicationDbContext();
07.
var user = Db.Users.First(u => u.UserName == id);
08.
var model = new EditUserViewModel(user);
09.
ViewBag.MessageId = Message;
10.
return View(model);
11.
}
12.
//
13.
// POST: /Account/Edit
14.
[HttpPost]
15.
[Authorize(Roles = "Admin")]
16.
[ValidateAntiForgeryToken]
17.
public async Task<ActionResult> Edit(EditUserViewModel model)
18.
{
19.
if (ModelState.IsValid)
20.
{
21.
var Db = new ApplicationDbContext();
22.
var user = Db.Users.First(u => u.UserName == model.UserName);
23.
user.FirstName = model.FirstName;
24.
user.LastName = model.LastName;
25.
user.Email = model.Email;
26.
Db.Entry(user).State = System.Data.Entity.EntityState.Modified;
27.
await Db.SaveChangesAsync();
28.
return RedirectToAction("Index");
29.
}
30.
return View(model);
31.
}
加入 Delete Method (ActionResult)
01.
//
02.
// GEG: /Account/Delete
03.
[Authorize(Roles="Admin")]
04.
public ActionResult Delete(string id = null)
05.
{
06.
var Db = new ApplicationDbContext();
07.
var user = Db.Users.First(u => u.UserName == id);
08.
var model = new EditUserViewModel(user);
09.
return View(model);
10.
}
11.
//
12.
// POST: /Account/Delete
13.
[HttpPost, ActionName("Delete")]
14.
[Authorize(Roles = "Admin")]
15.
[ValidateAntiForgeryToken]
16.
public ActionResult DeleteConfirmed(string id)
17.
{
18.
var Db = new ApplicationDbContext();
19.
var user = Db.Users.First(u => u.UserName == id);
20.
Db.Users.Remove(user);
21.
Db.SaveChanges();
22.
return RedirectToAction("Index");
23.
}
加入 UserRoles Method (ActionResult)
01.
//
02.
// GEG: /Account/UserRoles
03.
[Authorize(Roles = "Admin")]
04.
public ActionResult UserRoles(string id)
05.
{
06.
var Db = new ApplicationDbContext();
07.
var user = Db.Users.First(u => u.UserName == id);
08.
var model = new SelectUserRolesViewModel(user);
09.
return View(model);
10.
}
11.
12.
//
13.
// POST: /Account/UserRoles
14.
[HttpPost]
15.
[Authorize(Roles = "Admin")]
16.
[ValidateAntiForgeryToken]
17.
public ActionResult UserRoles(SelectUserRolesViewModel model)
18.
{
19.
if (ModelState.IsValid)
20.
{
21.
var idManager = new IdentityManager();
22.
var Db = new ApplicationDbContext();
23.
var user = Db.Users.First(u => u.UserName == model.UserName);
24.
idManager.ClearUserRoles(user.Id);
25.
foreach (var role in model.Roles)
26.
{
27.
if (role.Selected)
28.
{
29.
idManager.AddUserToRole(user.Id, role.RoleName);
30.
}
31.
}
32.
return RedirectToAction("index");
33.
}
34.
return View();
35.
}
AccountController.cs 完整程序
001.
using System;
002.
using System.Collections.Generic;
003.
using System.Linq;
004.
using System.Security.Claims;
005.
using System.Threading.Tasks;
006.
using System.Web;
007.
using System.Web.Mvc;
008.
using Microsoft.AspNet.Identity;
009.
using Microsoft.AspNet.Identity.EntityFramework;
010.
using Microsoft.Owin.Security;
011.
using RoleBaseProject.Models;
012.
013.
namespace RoleBaseProject.Controllers
014.
{
015.
[Authorize]
016.
public class AccountController : Controller
017.
{
018.
public AccountController()
019.
: this(new UserManager<ApplicationUser>(new UserStore<ApplicationUser>(new ApplicationDbContext())))
020.
{
021.
}
022.
023.
public AccountController(UserManager<ApplicationUser> userManager)
024.
{
025.
UserManager = userManager;
026.
}
027.
028.
public UserManager<ApplicationUser> UserManager { get; private set; }
029.
030.
//
031.
// GET: /Account/Login
032.
[AllowAnonymous]
033.
public ActionResult Login(string returnUrl)
034.
{
035.
ViewBag.ReturnUrl = returnUrl;
036.
return View();
037.
}
038.
039.
//
040.
// POST: /Account/Login
041.
[HttpPost]
042.
[AllowAnonymous]
043.
[ValidateAntiForgeryToken]
044.
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
045.
{
046.
if (ModelState.IsValid)
047.
{
048.
var user = await UserManager.FindAsync(model.UserName, model.Password);
049.
if (user != null)
050.
{
051.
await SignInAsync(user, model.RememberMe);
052.
return RedirectToLocal(returnUrl);
053.
}
054.
else
055.
{
056.
ModelState.AddModelError("", "Invalid username or password.");
057.
}
058.
}
059.
060.
// 如果执行到这里,发生某项失败,则重新显示窗体
061.
return View(model);
062.
}
063.
064.
//
065.
// GET: /Account/Register
066.
[Authorize(Roles="Admin")]
067.
public ActionResult Register()
068.
{
069.
return View();
070.
}
071.
072.
//
073.
// POST: /Account/Register
074.
[HttpPost]
075.
[Authorize(Roles = "Admin")]
076.
[ValidateAntiForgeryToken]
077.
public async Task<ActionResult> Register(RegisterViewModel model)
078.
{
079.
if (ModelState.IsValid)
080.
{
081.
var user = new ApplicationUser() {
082.
UserName = model.UserName,
083.
FirstName = model.FirstName,
084.
LastName = model.LastName,
085.
Email = model.Email,
086.
};
087.
var result = await UserManager.CreateAsync(user, model.Password);
088.
if (result.Succeeded)
089.
{
090.
await SignInAsync(user, isPersistent: false);
091.
return RedirectToAction("Index", "Home");
092.
}
093.
else
094.
{
095.
AddErrors(result);
096.
}
097.
}
098.
099.
// 如果执行到这里,发生某项失败,则重新显示窗体
100.
return View(model);
101.
}
102.
103.
//
104.
// GEG: /Account/Index
105.
[Authorize(Roles = "Admin")]
106.
public ActionResult Index()
107.
{
108.
var Db = new ApplicationDbContext();
109.
var users = Db.Users;
110.
var model = new List<EditUserViewModel>();
111.
foreach(var user in users)
112.
{
113.
var u = new EditUserViewModel(user);
114.
model.Add(u);
115.
}
116.
return View(model);
117.
}
118.
119.
//
120.
// GEG: /Account/Edit
121.
[Authorize(Roles = "Admin")]
122.
public ActionResult Edit(string id , ManageMessageId? Message = null)
123.
{
124.
var Db = new ApplicationDbContext();
125.
var user = Db.Users.First(u => u.UserName == id);
126.
var model = new EditUserViewModel(user);
127.
ViewBag.MessageId = Message;
128.
return View(model);
129.
}
130.
//
131.
// POST: /Account/Edit
132.
[HttpPost]
133.
[Authorize(Roles = "Admin")]
134.
[ValidateAntiForgeryToken]
135.
public async Task<ActionResult> Edit(EditUserViewModel model)
136.
{
137.
if (ModelState.IsValid)
138.
{
139.
var Db = new ApplicationDbContext();
140.
var user = Db.Users.First(u => u.UserName == model.UserName);
141.
user.FirstName = model.FirstName;
142.
user.LastName = model.LastName;
143.
user.Email = model.Email;
144.
Db.Entry(user).State = System.Data.Entity.EntityState.Modified;
145.
await Db.SaveChangesAsync();
146.
return RedirectToAction("Index");
147.
}
148.
return View(model);
149.
}
150.
151.
//
152.
// GEG: /Account/Delete
153.
[Authorize(Roles="Admin")]
154.
public ActionResult Delete(string id = null)
155.
{
156.
var Db = new ApplicationDbContext();
157.
var user = Db.Users.First(u => u.UserName == id);
158.
var model = new EditUserViewModel(user);
159.
return View(model);
160.
}
161.
//
162.
// POST: /Account/Delete
163.
[HttpPost, ActionName("Delete")]
164.
[Authorize(Roles = "Admin")]
165.
[ValidateAntiForgeryToken]
166.
public ActionResult DeleteConfirmed(string id)
167.
{
168.
var Db = new ApplicationDbContext();
169.
var user = Db.Users.First(u => u.UserName == id);
170.
Db.Users.Remove(user);
171.
Db.SaveChanges();
172.
return RedirectToAction("Index");
173.
}
174.
//
175.
// GEG: /Account/UserRoles
176.
[Authorize(Roles = "Admin")]
177.
public ActionResult UserRoles(string id)
178.
{
179.
var Db = new ApplicationDbContext();
180.
var user = Db.Users.First(u => u.UserName == id);
181.
var model = new SelectUserRolesViewModel(user);
182.
return View(model);
183.
}
184.
185.
//
186.
// POST: /Account/UserRoles
187.
[HttpPost]
188.
[Authorize(Roles = "Admin")]
189.
[ValidateAntiForgeryToken]
190.
public ActionResult UserRoles(SelectUserRolesViewModel model)
191.
{
192.
if (ModelState.IsValid)
193.
{
194.
var idManager = new IdentityManager();
195.
var Db = new ApplicationDbContext();
196.
var user = Db.Users.First(u => u.UserName == model.UserName);
197.
idManager.ClearUserRoles(user.Id);
198.
foreach (var role in model.Roles)
199.
{
200.
if (role.Selected)
201.
{
202.
idManager.AddUserToRole(user.Id, role.RoleName);
203.
}
204.
}
205.
return RedirectToAction("index");
206.
}
207.
return View();
208.
}
209.
210.
//
211.
// POST: /Account/Disassociate
212.
[HttpPost]
213.
[ValidateAntiForgeryToken]
214.
public async Task<ActionResult> Disassociate(string loginProvider, string providerKey)
215.
{
216.
ManageMessageId? message = null;
217.
IdentityResult result = await UserManager.RemoveLoginAsync(User.Identity.GetUserId(), new UserLoginInfo(loginProvider, providerKey));
218.
if (result.Succeeded)
219.
{
220.
message = ManageMessageId.RemoveLoginSuccess;
221.
}
222.
else
223.
{
224.
message = ManageMessageId.Error;
225.
}
226.
return RedirectToAction("Manage", new { Message = message });
227.
}
228.
229.
//
230.
// GET: /Account/Manage
231.
public ActionResult Manage(ManageMessageId? message)
232.
{
233.
ViewBag.StatusMessage =
234.
message == ManageMessageId.ChangePasswordSuccess ? "您的密码已变更。"
235.
: message == ManageMessageId.SetPasswordSuccess ? "已设定您的密码。"
236.
: message == ManageMessageId.RemoveLoginSuccess ? "已移除外部登入。"
237.
: message == ManageMessageId.Error ? "发生错误。"
238.
: "";
239.
ViewBag.HasLocalPassword = HasPassword();
240.
ViewBag.ReturnUrl = Url.Action("Manage");
241.
return View();
242.
}
243.
244.
//
245.
// POST: /Account/Manage
246.
[HttpPost]
247.
[ValidateAntiForgeryToken]
248.
public async Task<ActionResult> Manage(ManageUserViewModel model)
249.
{
250.
bool hasPassword = HasPassword();
251.
ViewBag.HasLocalPassword = hasPassword;
252.
ViewBag.ReturnUrl = Url.Action("Manage");
253.
if (hasPassword)
254.
{
255.
if (ModelState.IsValid)
256.
{
257.
IdentityResult result = await UserManager.ChangePasswordAsync(User.Identity.GetUserId(), model.OldPassword, model.NewPassword);
258.
if (result.Succeeded)
259.
{
260.
return RedirectToAction("Manage", new { Message = ManageMessageId.ChangePasswordSuccess });
261.
}
262.
else
263.
{
264.
AddErrors(result);
265.
}
266.
}
267.
}
268.
else
269.
{
270.
// User does not have a password so remove any validation errors caused by a missing OldPassword field
271.
ModelState state = ModelState["OldPassword"];
272.
if (state != null)
273.
{
274.
state.Errors.Clear();
275.
}
276.
277.
if (ModelState.IsValid)
278.
{
279.
IdentityResult result = await UserManager.AddPasswordAsync(User.Identity.GetUserId(), model.NewPassword);
280.
if (result.Succeeded)
281.
{
282.
return RedirectToAction("Manage", new { Message = ManageMessageId.SetPasswordSuccess });
283.
}
284.
else
285.
{
286.
AddErrors(result);
287.
}
288.
}
289.
}
290.
291.
// 如果执行到这里,发生某项失败,则重新显示窗体
292.
return View(model);
293.
}
294.
295.
//
296.
// POST: /Account/ExternalLogin
297.
[HttpPost]
298.
[AllowAnonymous]
299.
[ValidateAntiForgeryToken]
300.
public ActionResult ExternalLogin(string provider, string returnUrl)
301.
{
302.
// 要求重新导向至外部登入提供者
303.
return new ChallengeResult(provider, Url.Action("ExternalLoginCallback", "Account", new { ReturnUrl = returnUrl }));
304.
}
305.
306.
//
307.
// GET: /Account/ExternalLoginCallback
308.
[AllowAnonymous]
309.
public async Task<ActionResult> ExternalLoginCallback(string returnUrl)
310.
{
311.
var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync();
312.
if (loginInfo == null)
313.
{
314.
return RedirectToAction("Login");
315.
}
316.
317.
// Sign in the user with this external login provider if the user already has a login
318.
var user = await UserManager.FindAsync(loginInfo.Login);
319.
if (user != null)
320.
{
321.
await SignInAsync(user, isPersistent: false);
322.
return RedirectToLocal(returnUrl);
323.
}
324.
else
325.
{
326.
// If the user does not have an account, then prompt the user to create an account
327.
ViewBag.ReturnUrl = returnUrl;
328.
ViewBag.LoginProvider = loginInfo.Login.LoginProvider;
329.
return View("ExternalLoginConfirmation", new ExternalLoginConfirmationViewModel { UserName = loginInfo.DefaultUserName });
330.
}
331.
}
332.
333.
//
334.
// POST: /Account/LinkLogin
335.
[HttpPost]
336.
[ValidateAntiForgeryToken]
337.
public ActionResult LinkLogin(string provider)
338.
{
339.
// Request a redirect to the external login provider to link a login for the current user
340.
return new ChallengeResult(provider, Url.Action("LinkLoginCallback", "Account"), User.Identity.GetUserId());
341.
}
342.
343.
//
344.
// GET: /Account/LinkLoginCallback
345.
public async Task<ActionResult> LinkLoginCallback()
346.
{
347.
var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync(XsrfKey, User.Identity.GetUserId());
348.
if (loginInfo == null)
349.
{
350.
return RedirectToAction("Manage", new { Message = ManageMessageId.Error });
351.
}
352.
var result = await UserManager.AddLoginAsync(User.Identity.GetUserId(), loginInfo.Login);
353.
if (result.Succeeded)
354.
{
355.
return RedirectToAction("Manage");
356.
}
357.
return RedirectToAction("Manage", new { Message = ManageMessageId.Error });
358.
}
359.
360.
//
361.
// POST: /Account/ExternalLoginConfirmation
362.
[HttpPost]
363.
[AllowAnonymous]
364.
[ValidateAntiForgeryToken]
365.
public async Task<ActionResult> ExternalLoginConfirmation(ExternalLoginConfirmationViewModel model, string returnUrl)
366.
{
367.
if (User.Identity.IsAuthenticated)
368.
{
369.
return RedirectToAction("Manage");
370.
}
371.
372.
if (ModelState.IsValid)
373.
{
374.
// 从外部登入提供者处取得使用者信息
375.
var info = await AuthenticationManager.GetExternalLoginInfoAsync();
376.
if (info == null)
377.
{
378.
return View("ExternalLoginFailure");
379.
}
380.
var user = new ApplicationUser() { UserName = model.UserName };
381.
var result = await UserManager.CreateAsync(user);
382.
if (result.Succeeded)
383.
{
384.
result = await UserManager.AddLoginAsync(user.Id, info.Login);
385.
if (result.Succeeded)
386.
{
387.
await SignInAsync(user, isPersistent: false);
388.
return RedirectToLocal(returnUrl);
389.
}
390.
}
391.
AddErrors(result);
392.
}
393.
394.
ViewBag.ReturnUrl = returnUrl;
395.
return View(model);
396.
}
397.
398.
//
399.
// POST: /Account/LogOff
400.
[HttpPost]
401.
[ValidateAntiForgeryToken]
402.
public ActionResult LogOff()
403.
{
404.
AuthenticationManager.SignOut();
405.
return RedirectToAction("Index", "Home");
406.
}
407.
408.
//
409.
// GET: /Account/ExternalLoginFailure
410.
[AllowAnonymous]
411.
public ActionResult ExternalLoginFailure()
412.
{
413.
return View();
414.
}
415.
416.
[ChildActionOnly]
417.
public ActionResult RemoveAccountList()
418.
{
419.
var linkedAccounts = UserManager.GetLogins(User.Identity.GetUserId());
420.
ViewBag.ShowRemoveButton = HasPassword() || linkedAccounts.Count > 1;
421.
return (ActionResult)PartialView("_RemoveAccountPartial", linkedAccounts);
422.
}
423.
424.
protected override void Dispose(bool disposing)
425.
{
426.
if (disposing && UserManager != null)
427.
{
428.
UserManager.Dispose();
429.
UserManager = null;
430.
}
431.
base.Dispose(disposing);
432.
}
433.
434.
#region Helper
435.
// Used for XSRF protection when adding external logins
436.
private const string XsrfKey = "XsrfId";
437.
438.
private IAuthenticationManager AuthenticationManager
439.
{
440.
get
441.
{
442.
return HttpContext.GetOwinContext().Authentication;
443.
}
444.
}
445.
446.
private async Task SignInAsync(ApplicationUser user, bool isPersistent)
447.
{
448.
AuthenticationManager.SignOut(DefaultAuthenticationTypes.ExternalCookie);
449.
var identity = await UserManager.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie);
450.
AuthenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = isPersistent }, identity);
451.
}
452.
453.
private void AddErrors(IdentityResult result)
454.
{
455.
foreach (var error in result.Errors)
456.
{
457.
ModelState.AddModelError("", error);
458.
}
459.
}
460.
461.
private bool HasPassword()
462.
{
463.
var user = UserManager.FindById(User.Identity.GetUserId());
464.
if (user != null)
465.
{
466.
return user.PasswordHash != null;
467.
}
468.
return false;
469.
}
470.
471.
public enum ManageMessageId
472.
{
473.
ChangePasswordSuccess,
474.
SetPasswordSuccess,
475.
RemoveLoginSuccess,
476.
Error
477.
}
478.
479.
private ActionResult RedirectToLocal(string returnUrl)
480.
{
481.
if (Url.IsLocalUrl(returnUrl))
482.
{
483.
return Redirect(returnUrl);
484.
}
485.
else
486.
{
487.
return RedirectToAction("Index", "Home");
488.
}
489.
}
490.
491.
private class ChallengeResult : HttpUnauthorizedResult
492.
{
493.
public ChallengeResult(string provider, string redirectUri) : this(provider, redirectUri, null)
494.
{
495.
}
496.
497.
public ChallengeResult(string provider, string redirectUri, string userId)
498.
{
499.
LoginProvider = provider;
500.
RedirectUri = redirectUri;
501.
UserId = userId;
502.
}
503.
504.
public string LoginProvider { get; set; }
505.
public string RedirectUri { get; set; }
506.
public string UserId { get; set; }
507.
508.
public override void ExecuteResult(ControllerContext context)
509.
{
510.
var properties = new AuthenticationProperties() { RedirectUri = RedirectUri };
511.
if (UserId != null)
512.
{
513.
properties.Dictionary[XsrfKey] = UserId;
514.
}
515.
context.HttpContext.GetOwinContext().Authentication.Challenge(properties, LoginProvider);
516.
}
517.
}
518.
#endregion
519.
}
520.
}
修改相关 Views
修改Register.cshtml View
01.
@model RoleBaseProject.Models.RegisterViewModel
02.
@{
03.
ViewBag.Title = "注册";
04.
}
05.
06.
<h2>@ViewBag.Title.</h2>
07.
08.
@using (Html.BeginForm("Register", "Account", FormMethod.Post, new { @class = "form-horizontal", role = "form" }))
09.
{
10.
@Html.AntiForgeryToken()
11.
<h4>建立新的账户。</h4>
12.
<hr />
13.
@Html.ValidationSummary()
14.
<div class="form-group">
15.
@Html.LabelFor(m => m.UserName, new { @class = "col-md-2 control-label" })
16.
<div class="col-md-10">
17.
@Html.TextBoxFor(m => m.UserName, new { @class = "form-control" })
18.
</div>
19.
</div>
20.
<div class="form-group">
21.
@Html.LabelFor(m => m.Password, new { @class = "col-md-2 control-label" })
22.
<div class="col-md-10">
23.
@Html.PasswordFor(m => m.Password, new { @class = "form-control" })
24.
</div>
25.
</div>
26.
<div class="form-group">
27.
@Html.LabelFor(m => m.ConfirmPassword, new { @class = "col-md-2 control-label" })
28.
<div class="col-md-10">
29.
@Html.PasswordFor(m => m.ConfirmPassword, new { @class = "form-control" })
30.
</div>
31.
</div>
32.
<div class="form-group">
33.
@Html.LabelFor(m => m.FirstName, new { @class = "col-md-2 control-label" })
34.
<div class="col-md-10">
35.
@Html.TextBoxFor(m => m.FirstName, new { @class = "form-control" })
36.
</div>
37.
</div>
38.
<div class="form-group">
39.
@Html.LabelFor(m => m.LastName, new { @class = "col-md-2 control-label" })
40.
<div class="col-md-10">
41.
@Html.TextBoxFor(m => m.LastName, new { @class = "form-control" })
42.
</div>
43.
</div>
44.
<div class="form-group">
45.
@Html.LabelFor(m => m.Email, new { @class = "col-md-2 control-label" })
46.
<div class="col-md-10">
47.
@Html.TextBoxFor(m => m.Email, new { @class = "form-control" })
48.
</div>
49.
</div>
50.
<div class="form-group">
51.
<div class="col-md-offset-2 col-md-10">
52.
<input type="submit" class="btn btn-default" value="注册" />
53.
</div>
54.
</div>
55.
}
56.
57.
@section Scripts {
58.
@Scripts.Render("~/bundles/jqueryval")
59.
}
新增Edit、Delete、Index 等方法的Views
新增Edit Views
用以下内容取代原程序
01.
@model RoleBaseProject.Models.EditUserViewModel
02.
03.
@{
04.
ViewBag.Title = "数据者数据编辑";
05.
}
06.
07.
<h2>数据者数据编辑</h2>
08.
09.
@using (Html.BeginForm())
10.
{
11.
@Html.AntiForgeryToken()
12.
<div class="form-horizontal">
13.
<h4>修改原有账号数据</h4>
14.
<hr />
15.
@Html.ValidationSummary(true)
16.
<div class="form-group">
17.
@Html.LabelFor(model => model.UserName, new { @class = "control-label col-md-2" })
18.
<div class="col-md-10">
19.
@Html.EditorFor(model => model.UserName)
20.
@Html.ValidationMessageFor(model => model.UserName)
21.
</div>
22.
</div>
23.
24.
<div class="form-group">
25.
@Html.LabelFor(model => model.FirstName, new { @class = "control-label col-md-2" })
26.
<div class="col-md-10">
27.
@Html.EditorFor(model => model.FirstName)
28.
@Html.ValidationMessageFor(model => model.FirstName)
29.
</div>
30.
</div>
31.
32.
<div class="form-group">
33.
@Html.LabelFor(model => model.LastName, new { @class = "control-label col-md-2" })
34.
<div class="col-md-10">
35.
@Html.EditorFor(model => model.LastName)
36.
@Html.ValidationMessageFor(model => model.LastName)
37.
</div>
38.
</div>
39.
40.
<div class="form-group">
41.
@Html.LabelFor(model => model.Email, new { @class = "control-label col-md-2" })
42.
<div class="col-md-10">
43.
@Html.EditorFor(model => model.Email)
44.
@Html.ValidationMessageFor(model => model.Email)
45.
</div>
46.
</div>
47.
48.
<div class="form-group">
49.
<div class="col-md-offset-2 col-md-10">
50.
<input type="submit" value="存档" class="btn btn-default" />
51.
</div>
52.
</div>
53.
</div>
54.
}
55.
56.
<div>
57.
@Html.ActionLink("回到使用者清单画面", "Index")
58.
</div>
59.
60.
@section Scripts {
61.
@Scripts.Render("~/bundles/jqueryval")
62.
}
新增Delete的Views
用以下内容取代原程序
01.
@model RoleBaseProject.Models.EditUserViewModel
02.
03.
<h3>使用者账号删除</h3>
04.
<div>
05.
<h4>确定要删除这个使用者账号?</h4>
06.
<hr />
07.
<dl class="dl-horizontal">
08.
<dt>
09.
@Html.DisplayNameFor(model => model.UserName)
10.
</dt>
11.
12.
<dd>
13.
@Html.DisplayFor(model => model.UserName)
14.
</dd>
15.
16.
<dt>
17.
@Html.DisplayNameFor(model => model.FirstName)
18.
</dt>
19.
20.
<dd>
21.
@Html.DisplayFor(model => model.FirstName)
22.
</dd>
23.
24.
<dt>
25.
@Html.DisplayNameFor(model => model.LastName)
26.
</dt>
27.
28.
<dd>
29.
@Html.DisplayFor(model => model.LastName)
30.
</dd>
31.
32.
<dt>
33.
@Html.DisplayNameFor(model => model.Email)
34.
</dt>
35.
36.
<dd>
37.
@Html.DisplayFor(model => model.Email)
38.
</dd>
39.
40.
</dl>
41.
42.
@using (Html.BeginForm()) {
43.
@Html.AntiForgeryToken()
44.
45.
<div class="form-actions no-color">
46.
<input type="submit" value="删除" class="btn btn-default" /> |
47.
@Html.ActionLink("回到使用者清单画面", "Index")
48.
</div>
49.
}
50.
</div>
新增Index Views
用以下内容取代原程序
01.
@model IEnumerable<RoleBaseProject.Models.EditUserViewModel>
02.
03.
@{
04.
ViewBag.Title = "账号管理";
05.
}
06.
07.
<h2>账号管理</h2>
08.
09.
<p>
10.
@Html.ActionLink("新增账号", "Register")
11.
</p>
12.
<table class="table">
13.
<tr>
14.
<th>
15.
@Html.DisplayNameFor(model => model.UserName)
16.
</th>
17.
<th>
18.
@Html.DisplayNameFor(model => model.FirstName)
19.
</th>
20.
<th>
21.
@Html.DisplayNameFor(model => model.LastName)
22.
</th>
23.
<th>
24.
@Html.DisplayNameFor(model => model.Email)
25.
</th>
26.
<th></th>
27.
</tr>
28.
29.
@foreach (var item in Model) {
30.
<tr>
31.
<td>
32.
@Html.DisplayFor(modelItem => item.UserName)
33.
</td>
34.
<td>
35.
@Html.DisplayFor(modelItem => item.FirstName)
36.
</td>
37.
<td>
38.
@Html.DisplayFor(modelItem => item.LastName)
39.
</td>
40.
<td>
41.
@Html.DisplayFor(modelItem => item.Email)
42.
</td>
43.
<td>
44.
@Html.ActionLink("编辑", "Edit", new { id=item.UserName }) |
45.
@Html.ActionLink("角色", "UserRoles", new { id=item.UserName }) |
46.
@Html.ActionLink("删除", "Delete", new { id=item.UserName })
47.
</td>
48.
</tr>
49.
}
50.
51.
</table>
新增好的三個View
新增UserRoles.cshtml View 并 新增程序代码
用以下内容取代原程序
01.
@model RoleBaseProject.Models.SelectUserRolesViewModel
02.
@{
03.
ViewBag.Title = "使用者角色";
04.
}
05.
06.
<h2>使用者角色 @Html.DisplayFor(model => model.UserName)</h2>
07.
<hr />
08.
09.
@using (Html.BeginForm("UserRoles", "Account", FormMethod.Post, new { encType = "multipart/form-data", name = "myform" }))
10.
{
11.
@Html.AntiForgeryToken()
12.
13.
<div class="form-horizontal">
14.
@Html.ValidationSummary(true)
15.
<div class="form-group">
16.
<div class="col-md-10">
17.
@Html.HiddenFor(model => model.UserName)
18.
</div>
19.
</div>
20.
21.
<h4>选择要加入的角色</h4>
22.
<br />
23.
<hr />
24.
25.
<table>
26.
<tr>
27.
<th>
28.
勾选
29.
</th>
30.
<th>
31.
角色
32.
</th>
33.
</tr>
34.
@Html.EditorFor(model => model.Roles)
35.
</table>
36.
<br />
37.
<hr />
38.
39.
<div class="form-group">
40.
<div class="col-md-offset-2 col-md-10">
41.
<input type="submit" value="存档" class="btn btn-default" />
42.
</div>
43.
</div>
44.
</div>
45.
}
新增SelectRoleEditorViewModel.cshtml 在 Shared/EditorTemplates目录下
01.
@model RoleBaseProject.Models.SelectRoleEditorViewModel
02.
@Html.HiddenFor(model => model.RoleName)
03.
<tr>
04.
<td style="text-align:center">
05.
@Html.CheckBoxFor(model => model.Selected)
06.
</td>
07.
<td>
08.
@Html.DisplayFor(model => model.RoleName)
09.
</td>
10.
</tr>
在主页面上新增”账号管理" 功能按钮
移除主页面上的注册功能
启动 Migration功能
在Seed()方法中加入建立测试数据的程序代码
完整程序:
01.
namespace RoleBaseProject.Migrations
02.
{
03.
using RoleBaseProject.Models;
04.
using System;
05.
using System.Data.Entity;
06.
using System.Data.Entity.Migrations;
07.
using System.Linq;
08.
09.
internal sealed class Configuration : DbMigrationsConfiguration<RoleBaseProject.Models.ApplicationDbContext>
10.
{
11.
public Configuration()
12.
{
13.
AutomaticMigrationsEnabled = false;
14.
}
15.
16.
protected override void Seed(RoleBaseProject.Models.ApplicationDbContext context)
17.
{
18.
// This method will be called after migrating to the latest version.
19.
20.
// You can use the DbSet<T>.AddOrUpdate() helper extension method
21.
// to avoid creating duplicate seed data. E.g.
22.
//
23.
// context.People.AddOrUpdate(
24.
// p => p.FullName,
25.
// new Person { FullName = "Andrew Peters" },
26.
// new Person { FullName = "Brice Lambson" },
27.
// new Person { FullName = "Rowan Miller" }
28.
// );
29.
//
30.
this.AddUserAndRoles();
31.
}
32.
33.
bool AddUserAndRoles()
34.
{
35.
bool success = false;
36.
37.
var idManager = new IdentityManager();
38.
success = idManager.CreateRole("Admin");
39.
if (!success == true) return success;
40.
41.
success = idManager.CreateRole("CanEdit");
42.
if (!success == true) return success;
43.
44.
success = idManager.CreateRole("User");
45.
if (!success) return success;
46.
47.
var newUser = new ApplicationUser()
48.
{
49.
UserName = "jatten",
50.
FirstName = "John",
51.
LastName = "Atten",
52.
Email = "jatten@typecastexception.com"
53.
};
54.
55.
success = idManager.CreateUser(newUser, "Password1");
56.
if (!success) return success;
57.
58.
success = idManager.AddUserToRole(newUser.Id, "Admin");
59.
if (!success) return success;
60.
61.
success = idManager.AddUserToRole(newUser.Id, "CanEdit");
62.
if (!success) return success;
63.
64.
success = idManager.AddUserToRole(newUser.Id, "User");
65.
if (!success) return success;
66.
67.
return success;
68.
}
69.
}
70.
}
更新数据库
执行结果
以具有Admin角色的使用者登入后执行账户管理功能:
904
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
