我正在使用 ASP.NET Core Identity 在 .NET Core 2.1.3 中开发 Razor Pages 项目。
我想知道是否可以使用身份 as a prebuilt UI 授权“注册”页面,无需将所有身份相关代码搭建起来。只有注册用户(最好基于角色)才能够注册新用户。
我尝试在 Startup.cs 文件中添加以下内容,但都没有成功:
services.AddMvc()
.AddRazorPagesOptions(options =>
{
options.Conventions.AuthorizeFolder("/Admin");
// Trying to authorize the Register-page
options.Conventions.AuthorizeAreaPage("Identity", "/Account/Register");
options.Conventions.AuthorizeAreaPage("Identity", "/Pages/Account/Register");
options.Conventions.AuthorizePage("/Identity/Account/Register");
options.Conventions.AuthorizePage("/Account/Register");
options.Conventions.AuthorizePage("/Identity/Pages/Account/Register");
options.Conventions.AuthorizeFolder("/Identity/Pages/Account");
options.Conventions.AuthorizeFolder("/Identity/Account");
options.Conventions.AuthorizeFolder("/Account");
options.Conventions.AuthorizeFolder("/Areas/Identity/Pages/Account");
options.Conventions.AuthorizeFolder("/Areas/Identity/Pages");
options.Conventions.AuthorizeFolder("/Areas/Identity");
options.Conventions.AuthorizeFolder("/Areas");
})
.SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
或者,是否可以完全禁止注册新用户?
谢谢!
最佳答案
以下内容对我有用,并使用基于角色的授权。我仍然需要构建一些页面,但仅限于需要更新的页面。
脚手架登录和注册页面
我仅使用以下内容搭建登录和注册页面:
Scaffold identity into a Razor project with authorization
这也很有帮助。有一个演示显示了上述内容:
What's new in Web Development with ASP.NET Core 2.1 : Build 2018
Login.cshtml - 我注释掉了以下内容。
<p>
<a asp-page="./Register" asp-route-returnUrl="@Model.ReturnUrl">Register as a new user</a>
</p>
Register.cshtml.cs - 我删除了AllowAnonymous属性
<s>[AllowAnonymous]</s>
public class RegisterModel : PageModel
Startup.cs - 配置服务
public void ConfigureServices(IServiceCollection services)
{
services.Configure<CookiePolicyOptions>(options =>
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
});
services.AddDbContext<ApplicationDbContext>(options =>
options.UseSqlite(
Configuration.GetConnectionString("DefaultConnection")));
services.AddIdentity<IdentityUser, IdentityRole>(options =>{
options.SignIn.RequireConfirmedEmail = true;
})
.AddDefaultUI()
.AddDefaultTokenProviders()
.AddEntityFrameworkStores<ApplicationDbContext>();
// Register no-op EmailSender used by account confirmation and password reset during development
// For more information on how to enable account confirmation and password reset please visit https://go.microsoft.com/fwlink/?LinkID=532713
services.AddSingleton<Microsoft.AspNetCore.Identity.UI.Services.IEmailSender, EmailSender>();
services.AddAuthorization(options =>
{
options.AddPolicy("RequireAdministratorRole",
policy => policy.RequireRole("Admin"));
options.DefaultPolicy = options.GetPolicy("RequireAdministratorRole");
});
services.AddMvc()
.AddRazorPagesOptions(options =>
{
options.Conventions.AuthorizePage("/About", "RequireAdministratorRole");
options.Conventions.AuthorizeAreaPage("Identity", "/Account/Register");
})
.SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
}
关于razor - 使用 Identity UI 作为库在 ASP.NET Core 2.1 中授权注册页面,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/50743667/