diff options
| author | crupest <crupest@outlook.com> | 2020-11-13 16:20:45 +0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-11-13 16:20:45 +0800 |
| commit | 299067a798077363d0df281fc3bfb4160df06e1f (patch) | |
| tree | 9750c3e57d803efaa65a13c9c47886746d77d721 /BackEnd/Timeline/Auth/MyAuthenticationHandler.cs | |
| parent | 0c789f235f38aa238048b31b9715810d397d3420 (diff) | |
| parent | 79673878b5427bbedbc4ff4323dce3958d307b49 (diff) | |
| download | timeline-299067a798077363d0df281fc3bfb4160df06e1f.tar.gz timeline-299067a798077363d0df281fc3bfb4160df06e1f.tar.bz2 timeline-299067a798077363d0df281fc3bfb4160df06e1f.zip | |
Merge pull request #183 from crupest/auth
Refactor auth module to enable more flexiable permission control.
Diffstat (limited to 'BackEnd/Timeline/Auth/MyAuthenticationHandler.cs')
| -rw-r--r-- | BackEnd/Timeline/Auth/MyAuthenticationHandler.cs | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/BackEnd/Timeline/Auth/MyAuthenticationHandler.cs b/BackEnd/Timeline/Auth/MyAuthenticationHandler.cs index 3c97c329..b5e22a14 100644 --- a/BackEnd/Timeline/Auth/MyAuthenticationHandler.cs +++ b/BackEnd/Timeline/Auth/MyAuthenticationHandler.cs @@ -17,6 +17,7 @@ namespace Timeline.Auth {
public const string Scheme = "Bearer";
public const string DisplayName = "My Jwt Auth Scheme";
+ public const string PermissionClaimName = "Permission";
}
public class MyAuthenticationOptions : AuthenticationSchemeOptions
@@ -78,12 +79,12 @@ namespace Timeline.Auth try
{
- var userInfo = await _userTokenManager.VerifyToken(token);
+ var user = await _userTokenManager.VerifyToken(token);
var identity = new ClaimsIdentity(AuthenticationConstants.Scheme);
- identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, userInfo.Id!.Value.ToString(CultureInfo.InvariantCulture), ClaimValueTypes.Integer64));
- identity.AddClaim(new Claim(identity.NameClaimType, userInfo.Username, ClaimValueTypes.String));
- identity.AddClaims(UserRoleConvert.ToArray(userInfo.Administrator!.Value).Select(role => new Claim(identity.RoleClaimType, role, ClaimValueTypes.String)));
+ identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Id.ToString(CultureInfo.InvariantCulture), ClaimValueTypes.Integer64));
+ identity.AddClaim(new Claim(identity.NameClaimType, user.Username, ClaimValueTypes.String));
+ identity.AddClaims(user.Permissions.Select(permission => new Claim(AuthenticationConstants.PermissionClaimName, permission.ToString(), ClaimValueTypes.String)));
var principal = new ClaimsPrincipal();
principal.AddIdentity(identity);
|