自问自答一下,我的做法是:
创建了自己的UserClaimStore(我只需要这个存储库,不需要其他存储库):
/// <summary>
/// Custom Identity store that exposes only the user-claim part of the store contract
/// (<c>IUserClaimStore&lt;IdentityUser&gt;</c>), backed by <c>MyDbContext</c>.
/// The listing is abbreviated: only <c>GetClaimsAsync</c> and <c>Dispose(bool)</c> are shown,
/// both with their bodies left out, so it does not compile as printed.
/// </summary>
public class MyIdentityStore :
IUserClaimStore<IdentityUser>
{
// Database context handed in through the constructor.
private MyDbContext _myDbContext;
// Initialised to false; no visible code on this page reads or sets it afterwards.
private bool _disposed = false;
/// <summary>Stores the injected <c>MyDbContext</c> for later claim lookups.</summary>
/// <param name="myDbContext">Context supplied by the caller (presumably the DI container - confirm).</param>
public MyIdentityStore(MyDbContext myDbContext)
{
_myDbContext = myDbContext;
}
#region IUserClaimStore
/// <summary>
/// Returns the claims for <paramref name="user"/>. The body is omitted in this listing;
/// a real implementation has to return a task here.
/// </summary>
/// <param name="user">User whose claims are requested.</param>
/// <param name="cancellationToken">Cancellation token passed in by the caller.</param>
// NOTE(review): on this page the result is added to the signed-in identity and then drives
// [Authorize(Roles = ...)] / User.IsInRole checks, so this lookup is an authorization decision.
// The caller shown on this page builds the IdentityUser from a user name only, so the query
// presumably has to key on user.UserName rather than user.Id - TODO confirm against the real body.
public Task<IList<Claim>> GetClaimsAsync(IdentityUser user, CancellationToken cancellationToken)
{
}
#endregion
#region IDisposable Support
/// <summary>Dispose hook; empty in this listing, so nothing is released here.</summary>
// NOTE(review): _myDbContext is not disposed here; that is fine only if its owner
// (presumably the DI scope) disposes it - confirm.
protected virtual void Dispose(bool disposing)
{ }
#endregion
}
然后我创建了自己的ClaimTransformer:
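/// <summary>
/// Claims transformer that adds the claims returned by <c>UserManager.GetClaimsAsync</c>
/// to the identity of the current principal.
/// </summary>
public class MyClaimsTransformer : IClaimsTransformer
{
    // Set once in the constructor and never reassigned.
    private readonly UserManager<IdentityUser> _userManager;

    /// <summary>Creates the transformer around the injected user manager.</summary>
    /// <param name="userManager">User manager used to look up the user's claims.</param>
    public MyClaimsTransformer(UserManager<IdentityUser> userManager)
    {
        _userManager = userManager;
    }

    /// <summary>
    /// Enriches the principal in <paramref name="context"/> with the user's stored claims.
    /// </summary>
    /// <param name="context">Transformation context carrying the current principal.</param>
    /// <returns>
    /// The same principal instance; its identity is extended in place when it is an
    /// authenticated <see cref="ClaimsIdentity"/> with a name, and left untouched otherwise.
    /// </returns>
    public async Task<ClaimsPrincipal> TransformAsync(ClaimsTransformationContext context)
    {
        var principal = context.Principal;
        var identity = principal == null ? null : principal.Identity as ClaimsIdentity;

        // Only enrich an authenticated, named identity. Without this guard an anonymous
        // request would trigger a claim lookup for a user with a null name, and a
        // non-claims identity would fail the cast.
        if (identity == null || !identity.IsAuthenticated || string.IsNullOrEmpty(identity.Name))
        {
            return principal;
        }

        // NOTE(review): the IdentityUser handed to the store is built from the user name alone;
        // the store presumably has to resolve claims by that name - confirm against the store.
        var claims = await _userManager.GetClaimsAsync(new IdentityUser(identity.Name));
        if (claims != null)
        {
            foreach (var claim in claims)
            {
                // The transformation can run more than once for the same identity;
                // skip claims that are already present so they do not pile up.
                if (!identity.HasClaim(claim.Type, claim.Value))
                {
                    identity.AddClaim(claim);
                }
            }
        }

        return principal;
    }
}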
最后,在 Startup.cs 中:
/// <summary>
/// Registers the database context, ASP.NET Identity with the custom user store,
/// and the claims transformer.
/// </summary>
/// <param name="services">Service collection being configured.</param>
public void ConfigureServices(IServiceCollection services)
{
// The options lambda body (provider / connection string) is left out in this listing,
// so this line does not compile as printed.
services.AddDbContext<MyDbContext>(o => );
// AddUserStore is called after AddEntityFrameworkStores; presumably the later registration
// is the IUserStore that UserManager resolves, which makes MyIdentityStore the source of the
// claims used for authorization - verify against the Identity version in use.
// NOTE(review): the store shown on this page covers claims only; other UserManager features
// (passwords, roles, lockout) would then have no backing store - confirm that is intended.
services.AddIdentity<IdentityUser, IdentityRole>()
.AddEntityFrameworkStores<MyDbContext>()
.AddUserStore<MyIdentityStore>();
// Transient: a new transformer instance is created each time one is resolved.
services.AddTransient<IClaimsTransformer, MyClaimsTransformer>();
}
/// <summary>
/// Builds the request pipeline: Identity middleware first, then claims transformation.
/// </summary>
/// <param name="app">Application builder the middleware is added to.</param>
/// <param name="env">Hosting environment (not used in this listing).</param>
/// <param name="loggerFactory">Logger factory (not used in this listing).</param>
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
    app.UseIdentity();

    // Registered after UseIdentity; presumably so the principal has already been
    // populated by the authentication middleware when the transformer runs - confirm.
    app.UseClaimsTransformation(async transformationContext =>
    {
        // Resolve the transformer from the per-request service provider on every call.
        var requestServices = transformationContext.Context.RequestServices;
        var claimsTransformer = requestServices.GetRequiredService<IClaimsTransformer>();
        return await claimsTransformer.TransformAsync(transformationContext);
    });
}
现在我可以自由地使用 [Authorize(Roles = "MyRole")]、User.IsInRole("MyRole"),甚至 User.HasClaim(/* */)!
注意:基于角色的检查只有在存储库返回的声明类型与该身份的 RoleClaimType(默认为 ClaimTypes.Role)一致时才会生效。