ASP.NET MVC - Custom IIdentity or IPrincipal with

2019-06-13 07:57发布

问题:

I am working on an intranet site with Windows Authentication for logins. However, I want to extend the IPrincipal to have other properties. For instance, I'd like to get the user's FirstName in @User.FirstName or User.AuthorizedActivity("Admin/Permissions/Edit") (would retrieve from db) using activities instead of roles to hide certain links, etc. I am really having a heck of a time figuring this out over the past 2 days and find much information doing this with Windows Authentication.

My CustomPrincipal and BaseViewPage setup:

namespace Intranet_v2.Helpers
{ 
    public interface ICustomPrincipal : IPrincipal
    {
        Guid UserGuid { get; set; }
        string FirstName { get; set; }
        string LastName { get; set; }
        string FullName { get; set; }
    }

    public class CustomPrincipal : ICustomPrincipal
    {
        public IIdentity Identity { get; private set; }
        public bool IsInRole(string role) { return false; }

        public CustomPrincipal(string identity)
        {
            this.Identity = new GenericIdentity(identity);
        }

        public Guid UserGuid { get; set; }
        public string FirstName { get; set; }
        public string LastName { get; set; }
        public string FullName { get; set; }
    }

    public class CustomPrincipalSerializeModel
    {
        public Guid UserGuid { get; set; }
        public string FirstName { get; set; }
        public string LastName { get; set; }
        public string FullName { get; set; }
    }

    public class BaseController : Controller
    {
        protected virtual new CustomPrincipal User
    {   
            get { return HttpContext.User as CustomPrincipal; }
        }
    }

    public abstract class BaseViewPage : WebViewPage
    {
        public virtual new CustomPrincipal User
        {
            get { return base.User as CustomPrincipal; }
        }
    }

    public abstract class BaseViewPage<TModel> : WebViewPage<TModel>
    {
        public virtual new CustomPrincipal User
        {
            get { return base.User as CustomPrincipal; }
        }
    }
}

Views Web.Config BaseViewPage:

<system.web.webPages.razor>
<host factoryType="System.Web.Mvc.MvcWebRazorHostFactory, System.Web.Mvc, Version=5.2.3.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<pages pageBaseType="Intranet_v2.Helpers.BaseViewPage">
  <namespaces>
    <add namespace="System.Web.Mvc" />
    <add namespace="System.Web.Mvc.Ajax" />
    <add namespace="System.Web.Mvc.Html" />
    <add namespace="System.Web.Optimization"/>
    <add namespace="System.Web.Routing" />
    <add namespace="Intranet_v2" />
  </namespaces>
</pages>

I think my main problem is I have no idea what to do in the protected void Application_PostAuthenticateRequest(object sender, EventArgs args) for my Global.asax.cs file. I have a poor attempt at setting it up here:

protected void Application_PostAuthenticateRequest(object sender, EventArgs args)
{
    //var application = (HttpApplication)sender;
    var context = application.Context;

    if (context.User != null || !context.User.Identity.IsAuthenticated) return;

    var formsIdentity = (FormsIdentity)context.User.Identity;

    if (formsIdentity == null) return;

    var ticket = formsIdentity.Ticket;


    JavaScriptSerializer serializer = new JavaScriptSerializer();

    CustomPrincipalSerializeModel serializeModel = serializer.Deserialize<CustomPrincipalSerializeModel>(ticket.UserData);

    CustomPrincipal newUser = new CustomPrincipal(ticket.Name);
    newUser.UserGuid = serializeModel.UserGuid;
    newUser.FirstName = serializeModel.FirstName;
    newUser.LastName = serializeModel.LastName;
    newUser.FullName = serializeModel.FullName;

    var values = ticket.UserData.Split('|');

    var roles = values[1].Split(',');

    context.User = new GenericPrincipal(new GenericIdentity(ticket.Name, "Forms"), roles);
}

Now I'm at the point where @User.Name is now null. I'm in way over my head on this. Any help is appreciated. My protected void Application_PostAuthenticateRequest(object sender, EventArgs args) is completely out of wack.

All I want to do is rely on Windows Authentication to do what it does normally and add a few extra properties to the HttpContext.Current.User. Any help is appreciated... I can't be the only one trying to do this.

回答1:

What I normally do is just request the additional user information later. For instance, using an Extension method like:

public static class PrincipalExtensions
{
   private static void Initialize(string userName)
   {
      var userRecord = //Get user information from DB;

      var session = HttpContext.Current.Session;
      if (session != null)
      {
         session.Add("UserID", userRecord.ID);
         session.Add("UserEmail", userRecord.Email);
         //And so on
      }
   }

   public static long? GetUserID(this IPrincipal user)
   {
      var id = HttpContext.Current.Session["UserID"] as long?;
      if (id == null)
        Initialize();

      return (long)HttpContext.Current.Session["UserID"];
   }
}

This is roughly what I implement in some of my projects; rather than tapping into the login process and store it in the cookie, the system can lazy load the information and cache in session when the information is needed.