Visual Studio 在不使用AuthenticationStateProvider的情况下获取Blazor服务器应用中的当前用户

2jcobegt  于 2023-10-23  发布在  其他
关注(0)|答案(1)|浏览(114)

所以我刚刚开始了解blazor,我正试图使一个约会应用程序,在该应用程序中,我有一个页面,创建配置文件,但问题是,我不能让它读取登录的用户ID由它自己
这是我的代码

  1. @code {
  2.     private string FullName { get; set; } = string.Empty;
  3.     private DateTime Birthday { get; set; }
  4.     private string Gender { get; set; } = "Male";
  5.     private string City { get; set; } = string.Empty;
  6.     private string PostalCode { get; set; } = string.Empty;
  7.     private int Height { get; set; }
  8.     private bool? ProfileCreated { get; set; }
  9.     private string? ErrorMessage { get; set; }
  10.     private string? isLoggedIn { get; set; }
  11.     private int userId { get; set; }
  13.     private async Task CreateProfileAsync()
  14.     {
  15.         try
  16.         {
  17.             int loggedInUserId = await GetCurrentLoggedInUserIdAsync(userId);
  19.             bool success = await DatingAppService.CreateProfile(loggedInUserId, FullName, Birthday, Gender, City, PostalCode, Height);
  21.             if (success)
  22.             {
  23.                 ProfileCreated = true;
  24.                 ErrorMessage = string.Empty;
  25.                 Navigation.NavigateTo("/like-profile", forceLoad: true);
  26.             }
  27.             else
  28.             {
  29.                 ProfileCreated = false;
  30.                 ErrorMessage = "Profile creation failed.";
  31.             }
  32.         }
  33.         catch (Exception ex)
  34.         {
  35.             ProfileCreated = false;
  36.             ErrorMessage = "An error occurred: " + ex.Message;
  37.         }
  38.     }
  40.     private async Task<int> GetCurrentLoggedInUserIdAsync(int userId)
  41.     {
  42.         return userId;
  43.     }
  44.     private string ProfileStatusColor => ProfileCreated.Value ? "profile-success" : "profile-error";
  45.     private string ProfileStatusMessage => ProfileCreated.Value ? "Profile created successfully!" : ErrorMessage;
  47. }

我尝试使用AuthenticationStateProvider,但它似乎不工作,因为我使用Blazor服务器应用程序。
请您客气点我是新手。

visual-studio

1条答案

按热度按时间
xdyibdwo

xdyibdwo1#

这个问题没有简短的答案。为了识别用户,您需要实现身份验证方案,然后与Blazor的AuthenticationStateProvider集成。
从阅读本系列文章开始:
https://chrissainty.com/series/securing-your-blazor-apps/
此外,官方文件在评论中指出:
https://learn.microsoft.com/en-us/aspnet/core/blazor/security
实际上,这里有几个主题可以彼此分开:
1.学习Blazor。
1.学习ASP.NET核心认证和授权。
1.学习如何将Blazor与AuthenticationStateProvider集成。
1.了解您可用的各种身份验证方案选项,例如Cookie、承载令牌、JWT等。
1.了解各种身份提供者,无论是本地(EF核心身份,相邻的Web API或数据库)还是外部(Azure,Auth 0,社交媒体平台等)。
作为一个初学者,你可能应该坚持使用一些应用内/本地身份验证提供程序,只是为了开始和熟悉一些基本的身份验证概念。应用内意味着,您可以使用本地数据库,可能是EF Core Identity数据库,而不是尝试与外部提供商集成。
最终,您用于学习/爱好项目目的的东西可能不会在真实的世界中飞行,当涉及到安全性和性能时,这取决于您的需求。
请注意,如果您发现自己编写了自己的哈希/加密算法来存储用户的敏感数据或密码,那么您就做错了。这可能不是你的项目的主要目的,你不应该试图发明已经存在的东西。
也许为了更直接地帮助您入门,请参阅此存储库--https://github.com/CodeFontana/BlazorSimpleAuthDemo
这是我能想到的最基本的用户身份验证演示,基于.NET 7.0的vanilla Blazor Server模板。
为了在Stack Overflow上回答的完整性,我将在这里发布代码的相关部分。
Program.cs

  1. using BlazorSimpleAuth.Authentication;
  2. using BlazorSimpleAuth.Data;
  3. using Microsoft.AspNetCore.Components.Authorization;
  5. WebApplicationBuilder builder = WebApplication.CreateBuilder(args);
  7. builder.Services.AddRazorPages();
  8. builder.Services.AddServerSideBlazor();
  9. builder.Services.AddSingleton<WeatherForecastService>();
  10. builder.Services.AddScoped<IAuthenticationService, AuthenticationService>();
  11. builder.Services.AddScoped<AuthenticationStateProvider, SimpleAuthStateProvider>();
  13. WebApplication app = builder.Build();
  15. if (app.Environment.IsDevelopment() == false)
  16. {
  17.     app.UseExceptionHandler("/Error");
  18.     app.UseHsts();
  19. }
  21. app.UseHttpsRedirection();
  22. app.UseStaticFiles();
  23. app.UseRouting();
  24. app.UseAuthentication();
  25. app.UseAuthorization();
  26. app.MapBlazorHub();
  27. app.MapFallbackToPage("/_Host");
  28. app.Run();

App.razor:

  1. <CascadingAuthenticationState>
  2.     <Router AppAssembly="@typeof(App).Assembly">
  3.         <Found Context="routeData">
  4.             <AuthorizeRouteView Context="AuthContext" RouteData="@routeData" DefaultLayout="@typeof(MainLayout)" >
  5.                 <NotAuthorized>
  6.                     You are not authorized, please login.
  7.                 </NotAuthorized>
  8.             </AuthorizeRouteView>
  9.         </Found>
  10.         <NotFound>
  11.             <PageTitle>Not found</PageTitle>
  12.             <LayoutView Layout="@typeof(MainLayout)">
  13.                 <p role="alert">Sorry, there's nothing at this address.</p>
  14.             </LayoutView>
  15.         </NotFound>
  16.     </Router>
  17. </CascadingAuthenticationState>

Index.razor

  1. @page "/"
  2. @inject IAuthenticationService Auth
  3. <PageTitle>Index</PageTitle>
  5. <h1>Hello, world!</h1>
  7. Welcome to your new app.
  9. <AuthorizeView>
  10.     <Authorized>
  11.         <div class="mt-3">
  12.             <p>Hello, @context.User.Identity!.Name!</p>
  13.             <button type="submit" class="btn btn-primary" @onclick="OnLogout">
  14.                 <text>Logout</text>
  15.             </button>
  16.         </div>
  17.     </Authorized>
  18.     <NotAuthorized>
  19.         <Login />
  20.     </NotAuthorized>
  21. </AuthorizeView>
  23. @code {
  24.     private void OnLogout()
  25.     {
  26.         // Logout user and update application state
  27.         Auth.Logout();
  28.     }
  29. }

Login.razor:

  1. @using System.Security.Claims;
  2. @inject NavigationManager Nav
  3. @inject IAuthenticationService Auth
  4. @inject AuthenticationStateProvider AuthState
  6. @attribute [AllowAnonymous]
  8. <div class="container mt-3">
  9.     <div class="row d-flex justify-content-center">
  10.         <div class="col-12 col-lg-6">
  11.             <EditForm Model="@_loginUser" OnValidSubmit="() => OnLogin()">
  12.                 <DataAnnotationsValidator />
  13.                 <div class="input-group mb-3">
  14.                     <span class="input-group-text" style="width: 100px;">Username</span>
  15.                     <InputText class="form-control" @bind-Value="_loginUser.Username" disabled="@_authenticating" />
  16.                     <div class="text-danger">
  17.                         <ValidationMessage For="@(() => _loginUser.Username)" />
  18.                     </div>
  19.                 </div>
  20.                 <div class="input-group mb-3">
  21.                     <span class="input-group-text" style="width: 100px;">Password</span>
  22.                     <InputText class="form-control" type="password" @bind-Value="_loginUser.Password" disabled="@_authenticating" />
  23.                     <div class="text-danger">
  24.                         <ValidationMessage For="@(() => _loginUser.Password)" />
  25.                     </div>
  26.                 </div>
  27.                 <button type="submit" class="btn btn-primary w-100" disabled="@_authenticating">
  28.                     <text>Login</text>
  29.                 </button>
  30.                 @if (_loginFailed)
  31.                 {
  32.                     <div class="alert alert-danger mt-3" role="alert">
  33.                         <strong>Invalid username or password</strong>
  34.                     </div>
  35.                 }
  36.             </EditForm>
  37.         </div>
  38.     </div>
  39. </div>
  41. @code {
  42.     private LoginUserModel _loginUser = new();
  43.     private bool _authenticating = false;
  44.     private bool _loginFailed = false;
  46.     protected override async Task OnInitializedAsync()
  47.     {
  48.         AuthenticationState authState = await AuthState.GetAuthenticationStateAsync();
  49.         ClaimsPrincipal user = authState.User;
  51.         if (user is not null 
  52.             && user.Identity is not null
  53.             && user.Identity.IsAuthenticated)
  54.         {
  55.             Nav.NavigateTo("");
  56.         }
  57.     }
  59.     private void OnLogin()
  60.     {
  61.         _loginFailed = false;
  63.         // Authenticate user and update application state
  64.         bool result = Auth.Login(_loginUser);
  66.         if(!result)
  67.         {
  68.             _loginFailed = true;
  69.         }
  70.     }
  71. }

AuthenticationService.cs:

  1. using BlazorSimpleAuth.Models;
  2. using Microsoft.AspNetCore.Components.Authorization;
  4. namespace BlazorSimpleAuth.Authentication;
  6. public class AuthenticationService : IAuthenticationService
  7. {
  8.     private readonly AuthenticationStateProvider _authStateProvider;
  10.     public AuthenticationService(AuthenticationStateProvider authStateProvider)
  11.     {
  12.         _authStateProvider = authStateProvider;
  13.     }
  15.     public bool Login(LoginUserModel loginUser)
  16.     {
  17.         ArgumentNullException.ThrowIfNull(loginUser);
  18.         ArgumentNullException.ThrowIfNull(loginUser.Username);
  19.         ArgumentNullException.ThrowIfNull(loginUser.Password);
  21.         // This code here would never fly in production, and is for demo purposes only. This is
  22.         // the spot you would farm out your authentication to a proper identity provider.
  23.         if (loginUser.Username.Equals("admin", StringComparison.InvariantCultureIgnoreCase)
  24.             && loginUser.Password.Equals("password", StringComparison.InvariantCultureIgnoreCase))
  25.         {
  26.             ((SimpleAuthStateProvider)_authStateProvider).NotifyLoginUser(loginUser);
  27.             return true;
  28.         }
  30.         return false;
  31.     }
  33.     public void Logout()
  34.     {
  35.         ((SimpleAuthStateProvider)_authStateProvider).NotifyUserLogout();
  36.     }
  37. }

SimpleAuthStateProvider.cs:

  1. using BlazorSimpleAuth.Models;
  2. using Microsoft.AspNetCore.Components.Authorization;
  3. using System.Security.Claims;
  5. namespace BlazorSimpleAuth.Authentication;
  7. public sealed class SimpleAuthStateProvider : AuthenticationStateProvider
  8. {
  9.     private readonly AuthenticationState _anonymous;
  10.     private ClaimsIdentity _identity = new();
  12.     public SimpleAuthStateProvider()
  13.     {
  14.         _anonymous = new AuthenticationState(new ClaimsPrincipal(new ClaimsIdentity()));
  15.     }
  17.     public override Task<AuthenticationState> GetAuthenticationStateAsync()
  18.     {
  19.         ClaimsPrincipal user = new(_identity);
  20.         return Task.FromResult(new AuthenticationState(user));
  21.     }
  23.     public void NotifyLoginUser(LoginUserModel loginUser)
  24.     {
  25.         ArgumentNullException.ThrowIfNull(loginUser);
  26.         ArgumentNullException.ThrowIfNull(loginUser.Username);
  27.         ArgumentNullException.ThrowIfNull(loginUser.Password);
  29.         _identity = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, loginUser.Username) }, "SimpleDemo");
  30.         ClaimsPrincipal user = new(_identity);
  31.         NotifyAuthenticationStateChanged(Task.FromResult(new AuthenticationState(user)));
  32.     }
  34.     public void NotifyUserLogout()
  35.     {
  36.         _identity = new ClaimsIdentity();
  37.         NotifyAuthenticationStateChanged(Task.FromResult(_anonymous));
  38.     }
  39. }

此外,如果您想查看Blazor Dating应用程序的示例实现,用于演示/教育/非现实世界的目的,您可以查看此存储库:https://github.com/CodeFontana/DatingApp
然而,这使用Blazor WebAssembly作为前端/客户端,并由Web API支持,该API使用EF Core管理所有数据,包括应用内用户身份管理。
无论如何,希望这能帮助你找到正确的方向。

展开查看全部
赞(0)分享  回复(0)举报  2023-10-23
我来回答

相关问题

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com