15-mavzu: Veb autentifikatsiya va identifikatsiya

Download 1,68 Mb.

bet	10/14
Sana	09.06.2022
Hajmi	1,68 Mb.
	#646265

1 ... 6 7 8 9 10 11 12 13 14

Bog'liq
autentifikatsiya, avtorizatsiya, seanslar

17-mavzu: Seans boshqaruvi

Rolni o’zgartirish

@Html.ValidationSummary()
@using (Html.BeginForm())
{

@Model.Role.Name rolga biriktirish

@if (Model.NonMembers.Count() == 0)
{

}
else
{

foreach (AppUser user in Model.NonMembers)
{

}
}

Rolga biriktirilgan barcha foydalanuvchilar
User ID	Rolga biriktirish
@user.UserName

@Model.Role.Name Roldan o’chirish

@if (Model.Members.Count() == 0)
{

}
else
{

foreach (AppUser user in Model.Members)
{

}
}

Ushbu rolga bironta ham foydalanuvchi a’zo emas
User ID	Roldan o’chirish
@user.UserName

@Html.ActionLink("Bekor qilish", "Index", null, new { @class = "btn btn-default" })
}

Rollarni avtorizatsiya qilish uchun qo‘llash
Authorize atributi orqali avtorizatsiya qilish uchun rollarni asos sifatida ishlatish mumkin. Avtorizatsiya jarayonini osonlashtirish uchun, quyidagi misolda ko‘rsatilgandek, foydalanuvchi AccountController ga kirish uchun metod qo‘shamiz:
[Authorize]
public class AccountController : Controller
{
//...

[Authorize]

public ActionResult Logout()
{
AuthManager.SignOut();
return RedirectToAction("Index", "Home");
}

//...
}

HomeController-ni o‘zgartiramiz, unga autentifikatsiyadan o‘tgan foydalanuvchi to‘g‘risida ma’lumot beradigan metod qo‘shamiz:

using System.Collections.Generic;
using System.Web.Mvc;

namespace Users.Controllers

{
public class HomeController : Controller
{
[Authorize]
public ActionResult Index()
{
return View(GetData("Index"));
}

[Authorize(Roles = "Users")]

public ActionResult OtherAction()
{
return View("Index", GetData("OtherAction"));
}

private Dictionary GetData(string actionName)

{
Dictionary dict = new Dictionary();

dict.Add("Action", actionName);

dict.Add("Foydalanuvchi", HttpContext.User.Identity.Name);
dict.Add("Autentifikatsiyadan o’tganmi?", HttpContext.User.Identity.IsAuthenticated);
dict.Add("Autentifikatsiya turi", HttpContext.User.Identity.AuthenticationType);
dict.Add("Users roliga egami?", HttpContext.User.IsInRole("Users"));

return dict;

}
}
}

Ushbu misolda, Index metodi uchun Authorize atributini o‘zgarishsiz qoldirildi, lekin bu atribut OtherAction metodiga qo‘shildi, atributning Roles xossasi orqali faqat “Users” roliga ega foydalanuvchilargina kirishini ta’minlash sozlandi. So‘ng, /Views/Home papkasidagi Index.cshtml ko‘rinishiga dasturdan chiqish tugmachasini qo‘shish kerak:

@Html.ActionLink("Chiqish", "Logout", "Account", null, new { @class = "btn btn-primary" })
Oldin yaratilgan dasturdagi muammolardan biri bu boshqaruv paneliga ega Admin va RoleAdmin kontrollerlarga ochiq kirishdir. Agar ushbu kontrollerlarga kirish cheklansa, foydalanuvchilar va rollarni boshqarish uchun Admin va RoleAdmin-dan foydalanilgani uchun, qanday qilib birinchi administrator yaratiladi? Ushbu muammo dasturni birinchi marta serverga o‘rnatishda, hali biron bir foydalanuvchi yaratilmagan paytda dolzarb bo‘lib qoladi. Ushbu muammoning yechimi – bu Entity Framework yordamida ma’lumotlar bazasi yaratilganida, dastlabki ma’lumotlar bilan uni(ma’lumotlar bazasini) to‘ldirishdir. Bu dasturni birinchi marta o‘rnatganda avtomatik ravishda foydalanuvchilarni yaratadi va ularga rollarni tayinlaydi. Buni amalga oshirish uchun Entity Framework va ASP.NET Identity uchun xos bo‘lgan IdentityDbInit klassidagi PerformInitialSetup metodidan foydalanish kerak. Quyidagi misol “Infrastructure” papkasida joylashgan AppIdentityDbContext.cs fayliga qanday o‘zgarishlar kiritilishi kerakligini ko‘rsatadi.
//...
using Microsoft.AspNet.Identity;

namespace Users.Infrastructure

{
//...

public class IdentityDbInit: DropCreateDatabaseIfModelChanges

{
//...
public void PerformInitialSetup(AppIdentityDbContext context)
{
AppUserManager userMgr = new AppUserManager(new UserStore(context));
AppRoleManager roleMgr = new AppRoleManager(new RoleStore(context));

string roleName = "Administrators";

string userName = "Admin";
string password = "mypassword";
string email = "admin@nuu.uz";
if (!roleMgr.RoleExists(roleName))
{
roleMgr.Create(new AppRole(roleName));
}
AppUser user = userMgr.FindByName(userName);
if (user == null)
{
userMgr.Create(new AppUser { UserName = userName, Email = email },
password);
user = userMgr.FindByName(userName);
}
if (!userMgr.IsInRole(user.Id, roleName))
{
userMgr.AddToRole(user.Id, roleName);
}
}
}
}

Ushbu o‘zgarishlar amalga oshirganidan so‘ng, quyidagi misollarda ko‘rsatilgandek Admin va RoleAdmin kontrolerlarini himoya qilish uchun Authorize atributidan foydalanish mumkin:

[Authorize(Roles = "Administrators")]
public class AdminController : Controller
{
//...
}
[Authorize(Roles = "Administrators,Operators")]
public class RoleAdminController : Controller
{
//...
}

[Authorize(Users = "user1,user2")]

public class SubjectController : Controller
{
//...
}

17-mavzu: Seans boshqaruvi

Reja:

Mijoz va server o‘rtasidagi so‘rovlar
Seans holati (session state)
Seans arxitekturasi
Sessiyaning asosiy afzalliklari va kamchiliklari
ASP.NET da seanslarni ochilishida va tugatilishida chaqiriladigan trigger finksiyalar
Sessiyada ma’lumotni yozish va undan o‘qib olish
Sessiya(Session klassi) metodlari
ASP.NET da sessiya rejimlari
Sessiyalarni boshqarishga misollar

Download 1,68 Mb.

Do'stlaringiz bilan baham:

1 ... 6 7 8 9 10 11 12 13 14