I am trying to create a permissions system in an ASP.NET MVC Application. I have been learning the newest Identity framework - here are my requirements:
Through extending ASP.NET Identity, is it going to be possible for me to accomplish all of this? Or should I be building something custom from the ground-up?
9,999 times out of 10,000 implementing your own authentication system is the wrong way to go. Anything is easier than that, and it's a deceptively difficult thing to do right. ASP.NET Identity is actually pretty customizable, as it was created specifically for that purpose. You might need to do quite a bit to bootstrap your custom requirements fully, but it'll almost certainly be quicker and more secure using ASP.NET Identity.
UPDATE
UserManager
's constructor takes an implementation of IUserStore
. When working with Entity Framework, you typically just feed it Microsoft.AspNet.Identity.EntityFramework.UserStore
, but this is your tie in point for extensibility. So, you can simply subclass UserStore
and then override something like GetRolesAsync
to do whatever custom role logic you need to implement. Then you'd just feed UserManager
your subclass.
本文收集自互联网,转载请注明来源。
如有侵权,请联系[email protected] 删除。
我来说两句