diff options
| author | crupest <crupest@outlook.com> | 2020-11-13 16:20:45 +0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-11-13 16:20:45 +0800 |
| commit | 381cb7c64123c71899f549baa16bb610cc8b037f (patch) | |
| tree | dfb4dd690704e887e3609265e6a652fe7ccea218 /BackEnd/Timeline/Auth/MyAuthenticationHandler.cs | |
| parent | 5b78017e93450342c85a0e7f5ed16bbb6ae8422e (diff) | |
| parent | b635b4453756d9a33c173c9b9f2ae0ab7c830d3b (diff) | |
| download | timeline-381cb7c64123c71899f549baa16bb610cc8b037f.tar.gz timeline-381cb7c64123c71899f549baa16bb610cc8b037f.tar.bz2 timeline-381cb7c64123c71899f549baa16bb610cc8b037f.zip | |
Merge pull request #183 from crupest/auth
Refactor auth module to enable more flexiable permission control.
Diffstat (limited to 'BackEnd/Timeline/Auth/MyAuthenticationHandler.cs')
| -rw-r--r-- | BackEnd/Timeline/Auth/MyAuthenticationHandler.cs | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/BackEnd/Timeline/Auth/MyAuthenticationHandler.cs b/BackEnd/Timeline/Auth/MyAuthenticationHandler.cs index 3c97c329..b5e22a14 100644 --- a/BackEnd/Timeline/Auth/MyAuthenticationHandler.cs +++ b/BackEnd/Timeline/Auth/MyAuthenticationHandler.cs @@ -17,6 +17,7 @@ namespace Timeline.Auth {
public const string Scheme = "Bearer";
public const string DisplayName = "My Jwt Auth Scheme";
+ public const string PermissionClaimName = "Permission";
}
public class MyAuthenticationOptions : AuthenticationSchemeOptions
@@ -78,12 +79,12 @@ namespace Timeline.Auth try
{
- var userInfo = await _userTokenManager.VerifyToken(token);
+ var user = await _userTokenManager.VerifyToken(token);
var identity = new ClaimsIdentity(AuthenticationConstants.Scheme);
- identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, userInfo.Id!.Value.ToString(CultureInfo.InvariantCulture), ClaimValueTypes.Integer64));
- identity.AddClaim(new Claim(identity.NameClaimType, userInfo.Username, ClaimValueTypes.String));
- identity.AddClaims(UserRoleConvert.ToArray(userInfo.Administrator!.Value).Select(role => new Claim(identity.RoleClaimType, role, ClaimValueTypes.String)));
+ identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Id.ToString(CultureInfo.InvariantCulture), ClaimValueTypes.Integer64));
+ identity.AddClaim(new Claim(identity.NameClaimType, user.Username, ClaimValueTypes.String));
+ identity.AddClaims(user.Permissions.Select(permission => new Claim(AuthenticationConstants.PermissionClaimName, permission.ToString(), ClaimValueTypes.String)));
var principal = new ClaimsPrincipal();
principal.AddIdentity(identity);
|