MVC在运行时更新FormsAuthenticationTicket UserData

Question

我正在编写一个带有自定义身份验证和授权的MVC 4 Web应用程序.当用户登录该站点时,我创建了一个FormsAuthenticationTicket并将其存储在cookie中

public void SignIn(string userName, bool createPersistentCookie, string UserData)
{
    if (String.IsNullOrEmpty(userName)) throw new ArgumentException("Value cannot be null or empty.", "userName");

    // Create and tuck away the cookie
    FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1, userName, DateTime.Now, DateTime.Now.AddDays(15), createPersistentCookie, UserData);
    // Encrypt the ticket.
    string encTicket = FormsAuthentication.Encrypt(authTicket);

    //// Create the cookie.
    HttpCookie faCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket);
    HttpContext.Current.Response.Cookies.Add(faCookie);
}

该的UserData字符串将是一个管道分隔字符串,它总是包含至少两个项目,用户名| UserRole.可以将用户分配给一个或多个角色,因此,UserData可能看起来像此UserID | UserRole | UserRole | UserRole的

然后我在Global.asax中拥有自己的自定义通用主体

protected void Application_AuthenticateRequest(Object sender, EventArgs e)
{

        // Get the authentication cookie
        string cookieName = FormsAuthentication.FormsCookieName;
        HttpCookie authCookie = Context.Request.Cookies[cookieName];

        // If the cookie can't be found, don't issue the ticket
        if (authCookie == null) return;

        // Get the authentication ticket and rebuild the principal
        // & identity
        FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);

        string[] UserData = authTicket.UserData.Split(new Char[] { '|' });

        GenericIdentity userIdentity = new GenericIdentity(authTicket.Name);
        GenericPrincipal userPrincipal = new GenericPrincipal(userIdentity, UserData);
        Context.User = userPrincipal;
}

这一切都很好,但是,在我的应用程序中,如果用户有多个角色,当他们登录时,我需要列出他们的角色,然后让他们只选择一个角色去执行基于所选角色的功能.

我想,要做到这一点,也许我可以将用户选择的角色传递给方法,获取他们的FormsAuthenticationTicket并更新UserData以反映他们选择的角色.例如,使用1 | Manager | Applicant创建UserData字符串,然后我需要列出这两个角色并询问用户要在哪个角色下执行功能,他们选择Manager然后我将其FormsAuthenticationTicket中的UserData更新为1 |经理.

这甚至可能,或者有更好的方法吗？

任何帮助将不胜感激.

感谢大家.

Answer 1

你总是可以改变FormsAuthenticationTicket.

HttpCookie cookie = FormsAuthentication.GetAuthCookie(Username, true);
var ticket = FormsAuthentication.Decrypt(cookie.Value);

var newticket = new FormsAuthenticationTicket(ticket.Version,
                                              ticket.Name,
                                              ticket.IssueDate,
                                              ticket.Expiration,
                                              true, 
                                              "new user data",
                                              ticket.CookiePath);

cookie.Value = FormsAuthentication.Encrypt(newticket);
cookie.Expires = newticket.Expiration.AddHours(24);
HttpContext.Current.Response.Cookies.Set(cookie);