Kurse:ASP.NET Core Identity & Authorization
ASP.NET Core Identity & Authorization – Codebeispiele
Benutzerregistrierung
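[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public async Task<IActionResult> Register(RegisterDTO registerDTO)
{
    // Handles the self-registration form: creates the user, puts it into a
    // role, signs it in and redirects to the Persons index. Any failure
    // re-renders the form with the errors added to ModelState.
    // [ValidateAntiForgeryToken] is what actually enforces the token the view
    // renders; without it the hidden field is decorative.
    if (!ModelState.IsValid)
    {
        return View(registerDTO);
    }

    // The role name comes from the client and is untrusted. Honouring it
    // verbatim — and creating unknown roles on the fly — lets anyone register
    // straight into "Admin". Only roles on this allow-list may be self-assigned;
    // privileged roles are granted by an administrator, not by the registrant.
    // The canonical spelling from the list is used, not the client's input.
    // NOTE(review): adjust the list to the non-privileged roles this app defines.
    string[] selfAssignableRoles = { "User" };
    var role = selfAssignableRoles.FirstOrDefault(
        r => string.Equals(r, registerDTO.Role, StringComparison.OrdinalIgnoreCase));
    if (role is null)
    {
        ModelState.AddModelError(nameof(registerDTO.Role), "Ungültige Rolle.");
        return View(registerDTO);
    }

    var user = new ApplicationUser
    {
        UserName = registerDTO.Email,
        Email = registerDTO.Email,
        PersonName = registerDTO.PersonName
    };

    var createResult = await _userManager.CreateAsync(user, registerDTO.Password);
    if (!createResult.Succeeded)
    {
        foreach (var error in createResult.Errors)
        {
            ModelState.AddModelError(string.Empty, error.Description);
        }
        return View(registerDTO);
    }

    // Creating the role on demand is safe now that only allow-listed names get here.
    if (!await _roleManager.RoleExistsAsync(role))
    {
        await _roleManager.CreateAsync(new ApplicationRole(role));
    }

    // Check the result: signing in a user whose role assignment silently
    // failed would leave the account in an undefined state.
    var roleResult = await _userManager.AddToRoleAsync(user, role);
    if (!roleResult.Succeeded)
    {
        foreach (var error in roleResult.Errors)
        {
            ModelState.AddModelError(string.Empty, error.Description);
        }
        return View(registerDTO);
    }

    await _signInManager.SignInAsync(user, isPersistent: false);
    return RedirectToAction("Index", "Persons");
}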
Benutzeranmeldung
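[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public async Task<IActionResult> Login(LoginDTO loginDTO, string returnUrl = null)
{
    // Handles the login form. Admins are sent to the Admin area home page,
    // everyone else back to returnUrl via RedirectToLocal (which is expected
    // to reject non-local URLs — otherwise this is an open redirect; confirm).
    // [ValidateAntiForgeryToken] closes login CSRF, which is otherwise possible
    // because the action accepts any anonymous POST.
    if (!ModelState.IsValid)
    {
        return View(loginDTO);
    }

    // lockoutOnFailure: true makes Identity count failed attempts and lock the
    // account after options.Lockout.MaxFailedAccessAttempts. With it disabled
    // the form is an unthrottled password-guessing oracle.
    var result = await _signInManager.PasswordSignInAsync(
        loginDTO.Email, loginDTO.Password, isPersistent: false, lockoutOnFailure: true);

    if (result.Succeeded)
    {
        // UserName is set to the e-mail at registration, so the lookup should
        // succeed; guard anyway rather than dereferencing null.
        var user = await _userManager.FindByEmailAsync(loginDTO.Email);
        if (user is not null && await _userManager.IsInRoleAsync(user, "Admin"))
        {
            return RedirectToAction("Index", "Home", new { area = "Admin" });
        }
        return RedirectToLocal(returnUrl);
    }

    // NOTE(review): result.RequiresTwoFactor is not handled here; if 2FA is
    // enabled for any account, the 2FA step must be added before this point.
    // One generic message for wrong password, locked-out and not-allowed alike,
    // so the response does not reveal whether the e-mail is registered.
    ModelState.AddModelError(string.Empty, "Ungültiger Login-Versuch.");
    return View(loginDTO);
}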
Benutzerabmeldung
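[HttpPost]
[Authorize]
[ValidateAntiForgeryToken]
public async Task<IActionResult> Logout()
{
    // Signs the current user out and returns to the Persons index.
    // Logout must be a POST with an anti-forgery token: a logout reachable by
    // GET can be triggered from any third-party page (an <img src> or a link),
    // forcibly logging the victim out. The view therefore has to render a
    // <form method="post"> for it instead of a plain <a> link.
    await _signInManager.SignOutAsync();
    return RedirectToAction("Index", "Persons");
}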
E-Mail-Verfügbarkeit prüfen
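[AcceptVerbs("Get", "Post")]
[AllowAnonymous]
public async Task<IActionResult> IsEmailAlreadyRegistered(string email)
{
    // Remote-validation endpoint for RegisterDTO.Email: returns JSON true when
    // the address is still free, false when a user with it already exists.
    // FindByEmailAsync throws on null, which would turn a missing query
    // parameter into a 500; an empty field is left to the [Required] validator.
    if (string.IsNullOrWhiteSpace(email))
    {
        return Json(true);
    }

    // This anonymous endpoint necessarily discloses which e-mail addresses are
    // registered (account enumeration). Rate-limit it, and keep the
    // authoritative uniqueness check on the server (Identity's own check in
    // CreateAsync / options.User.RequireUniqueEmail) — client-side remote
    // validation can be bypassed.
    var existingUser = await _userManager.FindByEmailAsync(email);
    return Json(existingUser is null);
}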
Program.cs – Identity-Konfiguration
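builder.Services.AddIdentity<ApplicationUser, ApplicationRole>(options =>
{
    // Password policy. NIST SP 800-63B recommends a minimum of 8 characters;
    // 6 characters are too short to resist offline guessing even with
    // character-class rules.
    options.Password.RequireDigit = true;
    options.Password.RequiredLength = 8;
    options.Password.RequireUppercase = true;
    options.Password.RequireLowercase = true;

    // The e-mail address doubles as the user name at registration, so it must
    // be unique or FindByEmailAsync becomes ambiguous.
    options.User.RequireUniqueEmail = true;

    // Lockout bounds online password guessing. It only takes effect when
    // PasswordSignInAsync is called with lockoutOnFailure: true.
    options.Lockout.AllowedForNewUsers = true;
    options.Lockout.MaxFailedAccessAttempts = 5;
    options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(15);
})
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddDefaultTokenProviders();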
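builder.Services.ConfigureApplicationCookie(options =>
{
    // Where unauthenticated requests to protected pages are redirected.
    options.LoginPath = "/Account/Login";

    // Session cookie hardening: unreadable from script, sent only over HTTPS
    // (Always, not the SameAsRequest default that still allows a plain-HTTP
    // leak), and not attached to cross-site requests.
    options.Cookie.HttpOnly = true;
    options.Cookie.SecurePolicy = CookieSecurePolicy.Always;
    options.Cookie.SameSite = SameSiteMode.Lax;
});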
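builder.Services.AddAuthorization(options =>
{
    // Deny by default: every endpoint without explicit authorization metadata
    // requires an authenticated user, so a forgotten [Authorize] fails closed.
    // Public actions opt out with [AllowAnonymous].
    options.FallbackPolicy = new AuthorizationPolicyBuilder()
        .RequireAuthenticatedUser()
        .Build();

    // Policy for pages that only make sense while signed out (login/register).
    // User.Identity can be null; "!= true" treats that as not authenticated
    // instead of throwing.
    options.AddPolicy("NotAuthorized", policy =>
        policy.RequireAssertion(context => context.User.Identity?.IsAuthenticated != true));
});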
Benutzerrolle prüfen
// Imperative role check inside an action body. For guarding whole actions or
// controllers the declarative [Authorize(Roles = "Admin")] is preferable; this
// form is for branching within a method.
var isAdmin = await _userManager.IsInRoleAsync(user, "Admin");
if (isAdmin)
{
    // Access for Admin
}
Zwei-Faktor-Authentifizierung aktivieren
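// Enabling e-mail based two-factor authentication.
// Step 1 (enable-2FA request): generate a token for the "Email" provider and
// deliver it to the user out of band (e-mail); never return it in the response.
var token = await _userManager.GenerateTwoFactorTokenAsync(user, "Email");

// Step 2 (a later request, with the code the user typed in): verify it and
// only then switch 2FA on for the account. VerifyTwoFactorTokenAsync returns
// a bool — discarding it means the account is never actually protected.
var tokenIsValid = await _userManager.VerifyTwoFactorTokenAsync(user, "Email", token);
if (tokenIsValid)
{
    await _userManager.SetTwoFactorEnabledAsync(user, true);
}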
CSRF-Schutz (XSRF) in View
@* Anti-forgery token for the Register POST. The asp-action form tag helper
   already emits this hidden field for POST forms, so the explicit call is
   redundant but harmless. The token is only checked if the Register action
   carries [ValidateAntiForgeryToken] (or an AutoValidateAntiforgeryToken
   filter is registered globally) — rendering it alone protects nothing. *@
<form asp-action="Register" method="post">
@Html.AntiForgeryToken()
<!-- Formularfelder -->
</form>
Tag Helpers in Razor Views
@* Tag helpers resolve routes and model bindings at render time:
   asp-controller/asp-action build the href from routing, asp-for renders an
   <input> named after the model property, and asp-validation-for shows that
   property's validation message (from ModelState on the server). *@
<a asp-controller="Account" asp-action="Login">Login</a>
<input asp-for="Email" />
<span asp-validation-for="Email"></span>
Remote Validation in DTO
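/// <summary>
/// Form model for the Register action (excerpt: only the e-mail field is shown).
/// </summary>
public class RegisterDTO
{
    /// <summary>
    /// Login e-mail address; also used as the user name at registration.
    /// [Remote] calls Account/IsEmailAlreadyRegistered from the browser while
    /// the user types — a usability aid only, since client-side validation can
    /// be bypassed. [Required] and [EmailAddress] (System.ComponentModel.DataAnnotations)
    /// are evaluated server-side in ModelState; uniqueness is ultimately
    /// enforced by Identity in CreateAsync.
    /// </summary>
    [Required]
    [EmailAddress]
    [Remote(action: "IsEmailAlreadyRegistered", controller: "Account")]
    public string Email { get; set; }
}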