Get role/s of current logged in user in ASP.NET Co

2020-08-09 06:45发布

问题:

How can I get the logged in user's role/s in ASP.NET Core MVC? I want to get role details as soon as user logs in into the application, but by using following code I am not able to retrieve the role details

public async Task<IActionResult> Login(LoginViewModel model, string returnUrl = null)
{
    ViewData["ReturnUrl"] = returnUrl;
    if (ModelState.IsValid)
    {

        var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, lockoutOnFailure: false);

        if (result.Succeeded)
        {
            _logger.LogInformation(1, "User logged in.");

           bool available = User.IsInRole("Admin"); 
            return RedirectToLocal(returnUrl);
        }
        if (result.RequiresTwoFactor)
        {
            return RedirectToAction(nameof(SendCode), new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
        }
        if (result.IsLockedOut)
        {
            _logger.LogWarning(2, "User account locked out.");
            return View("Lockout");
        }
        else
        {
            ModelState.AddModelError(string.Empty, "Invalid login attempt.");
            return View(model);
        }
    }

    // If we got this far, something failed, redisplay form
    return View(model);
}

Also, I have used the below methods like

var user = new ApplicationUser { UserName = model.Email, Email = model.Email };

var userRoles = await _userManager.GetRolesAsync(user);

Still, I am not able to get the role details. Can anyone please help on this?

回答1:

You may want to consider trying to load the actual ApplicationUser object via the FindByEmail() or some other method and passing that object into the GetRolesAsync() method as seen below :

// Resolve the user via their email
var user = await _userManager.FindByEmailAsync(model.Email);
// Get the roles for the user
var roles = await _userManager.GetRolesAsync(user);

A more complete example might look like :

[HttpPost("Auth/SignIn")]
[ValidateAntiForgeryToken]
public async Task<IActionResult> SignIn(SignInViewModel model, string returnUrl = null)
{
    ViewData["ReturnUrl"] = returnUrl;
    if (ModelState.IsValid)
    {
        var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, true, false);
        if (result.Succeeded)
        {
            // Resolve the user via their email
            var user = await _userManager.FindByEmailAsync(model.Email);
            // Get the roles for the user
            var roles = await _userManager.GetRolesAsync(user);

            // Do something with the roles here
        }
        else
        {
            // Uh oh....
        }
    }

    // Something is probably wrong, provide the form again....
    return View(model);
}


回答2:

Short but useful:

[Route("api/[controller]")]
[ApiController]
public class RoleController : ControllerBase
{
    private readonly UserManager<User> userManager;

    public RoleController(
        UserManager<User> userManager
        )
    {
        this.userManager = userManager;
    }

    // GET api/role
    [HttpGet]
    [Authorize]
    public async Task<IEnumerable<string>> Get()
    {
        var userId = User.FindFirstValue(ClaimTypes.Name);
        var user = await userManager.FindByIdAsync(userId);
        var role = await userManager.GetRolesAsync(user);
        return role;
    }
}

Hopes it helps.