I need to store an ID against a user that will be used in EVERY action that is carried out on my web application. I had hoped to use a customized authorization ActionFilterAttribute
(on an entire controller) to populate the ViewData
with this additional info, but it turns out that a whole STACK of stuff runs before these ActionFilterAttributes
do e.g. ModelBinding, Controller construction
我需要针对一个用户存储一个ID,这个用户将在我的web应用程序上执行的每个操作中使用。我曾希望使用定制的授权ActionFilterAttribute(在整个控制器上)用这个附加信息填充ViewData,但事实证明,在这些ActionFilterAttributes做例如模型绑定、控制器构造之前,整个堆栈都在运行
I thought perhaps there may be a way to extend the HttpContext.User.Identity
to store additional data but have no idea even where to start.
我认为可能有一种方法可以扩展HttpContext.User。标识来存储额外的数据,但甚至不知道从哪里开始。
Any ideas?
什么好主意吗?
2 个解决方案
#1
1
SOLUTION
Looking around in more detail on * I came across this solution that does EXACTLY what I want and in a super clean and proper way (HINT: It uses the userData
property of the FormsAuthenticationCookie
- https://*.com/a/10524305/175893
我在*上看到了更详细的解决方案,它完全符合我的要求,而且非常干净和正确(提示:它使用了FormsAuthenticationCookie的userData属性—https://*.com/a/105245/175893
#2
0
One option is to have a global (static) ConcurrentDictionary
and store any additional information regarding the identity/user there - use whatever is convenient as a key... since this dictionary is thread-safe and implemented mostly lock-free it provides excellent performance... this way you don't need to mess around with any ASP.NET-specific stuff...
一种选择是拥有一个全局(静态)ConcurrentDictionary,并在其中存储关于标识/用户的任何附加信息——使用任何方便的键……由于本词典是线程安全的,并且大多数是无锁的,它提供了出色的性能…这样您就不需要使用任何ASP了。NET-specific东西……
#1
1
SOLUTION
Looking around in more detail on * I came across this solution that does EXACTLY what I want and in a super clean and proper way (HINT: It uses the userData
property of the FormsAuthenticationCookie
- https://*.com/a/10524305/175893
我在*上看到了更详细的解决方案,它完全符合我的要求,而且非常干净和正确(提示:它使用了FormsAuthenticationCookie的userData属性—https://*.com/a/105245/175893
#2
0
One option is to have a global (static) ConcurrentDictionary
and store any additional information regarding the identity/user there - use whatever is convenient as a key... since this dictionary is thread-safe and implemented mostly lock-free it provides excellent performance... this way you don't need to mess around with any ASP.NET-specific stuff...
一种选择是拥有一个全局(静态)ConcurrentDictionary,并在其中存储关于标识/用户的任何附加信息——使用任何方便的键……由于本词典是线程安全的,并且大多数是无锁的,它提供了出色的性能…这样您就不需要使用任何ASP了。NET-specific东西……