我是这样做的.
我决定使用IPrincipal而不是IIdentity,因为这意味着我不必同时实现IIdentity和IPrincipal.
创建接口
interface I客户主体 : IPrincipal
{
int Id { get; set; }
string FirstName { get; set; }
string LastName { get; set; }
}
客户主体
public class 客户主体 : I客户主体
{
public IIdentity Identity { get; private set; }
public bool IsInRole(string role) { return false; }
public 客户主体(string email)
{
this.Identity = new GenericIdentity(email);
}
public int Id { get; set; }
public string FirstName { get; set; }
public string LastName { get; set; }
}
客户主体SerializeModel - for serializing custom information into userdata field in FormsAuthenticationTicket object.
public class 客户主体SerializeModel
{
public int Id { get; set; }
public string FirstName { get; set; }
public string LastName { get; set; }
}
登录方法-使用自定义信息设置cookie
if (Membership.ValidateUser(viewModel.Email, viewModel.Password))
{
var user = userRepository.Users.Where(u => u.Email == viewModel.Email).First();
客户主体SerializeModel serializeModel = new 客户主体SerializeModel();
serializeModel.Id = user.Id;
serializeModel.FirstName = user.FirstName;
serializeModel.LastName = user.LastName;
JavaScriptSerializer serializer = new JavaScriptSerializer();
string userData = serializer.Serialize(serializeModel);
FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(
1,
viewModel.Email,
DateTime.Now,
DateTime.Now.AddMinutes(15),
false,
userData);
string encTicket = FormsAuthentication.Encrypt(authTicket);
HttpCookie faCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket);
Response.Cookies.Add(faCookie);
return RedirectToAction("Index", "Home");
}
Global.asax.cs-读取cookie并替换HttpContext.User对象,这是通过重写PostAuthenticateRequest来完成的
protected void Application_PostAuthenticateRequest(Object sender, EventArgs e)
{
HttpCookie authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
if (authCookie != null)
{
FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);
JavaScriptSerializer serializer = new JavaScriptSerializer();
客户主体SerializeModel serializeModel = serializer.Deserialize<客户主体SerializeModel>(authTicket.UserData);
客户主体 newUser = new 客户主体(authTicket.Name);
newUser.Id = serializeModel.Id;
newUser.FirstName = serializeModel.FirstName;
newUser.LastName = serializeModel.LastName;
HttpContext.Current.User = newUser;
}
}
在Razor视图中访问
@((User as 客户主体).Id)
@((User as 客户主体).FirstName)
@((User as 客户主体).LastName)
在代码中:
(User as 客户主体).Id
(User as 客户主体).FirstName
(User as 客户主体).LastName
我认为代码是不言自明的.如果不是,请告诉我.
此外,为了使访问更容易,您可以创建一个基本控制器并覆盖返回的用户对象(HttpContext.User):
public class BaseController : Controller
{
protected virtual new 客户主体 User
{
get { return HttpContext.User as 客户主体; }
}
}
然后,对于每个控制器:
public class AccountController : BaseController
{
// ...
}
这将允许您访问以下代码中的自定义字段:
User.Id
User.FirstName
User.LastName
但这在内部视图中不起作用.为此,您需要创建一个自定义WebViewPage实现:
public abstract class BaseViewPage : WebViewPage
{
public virtual new 客户主体 User
{
get { return base.User as 客户主体; }
}
}
public abstract class BaseViewPage<TModel> : WebViewPage<TModel>
{
public virtual new 客户主体 User
{
get { return base.User as 客户主体; }
}
}
在Views/web.config中将其设为默认页面类型:
<pages pageBaseType="Your.Namespace.BaseViewPage">
<namespaces>
<add namespace="System.Web.Mvc" />
<add namespace="System.Web.Mvc.Ajax" />
<add namespace="System.Web.Mvc.Html" />
<add namespace="System.Web.Routing" />
</namespaces>
</pages>
在视图中,您可以这样访问它:
@User.FirstName
@User.LastName