asp.net-web-api


User claim update not effected in ASP.NET Identity?


I need to update the user claim in Web API after the user has logged in.
But after updating the user claim, it still returns the previous values.
The code below is used to update the active user group after the user has logged in.
using System.Security.Claims;
using System.Web.Http;

/// <summary>
/// The class AppUser
/// </summary>
public class AppUser : ClaimsPrincipal
{
    /// <summary>
    /// Initializes a new instance of the <see cref="AppUser"/> class.
    /// </summary>
    /// <param name="principal">The principal.</param>
    public AppUser(ClaimsPrincipal principal)
        : base(principal)
    {
    }

    /// <summary>
    /// Gets the name.
    /// </summary>
    /// <value>
    /// The name.
    /// </value>
    public string Name
    {
        get
        {
            return this.FindFirst(ClaimTypes.Name).Value;
        }
    }

    /// <summary>
    /// Gets the name of the user.
    /// </summary>
    /// <value>
    /// The name of the user.
    /// </value>
    public string UserName
    {
        get
        {
            return this.FindFirst("UserName").Value;
        }
    }

    /// <summary>
    /// Gets the active group.
    /// </summary>
    /// <value>
    /// The active group.
    /// </value>
    public string ActiveGroup
    {
        get
        {
            return ((ClaimsIdentity)this.Identity).FindFirst("ActiveGroup").Value;
        }
    }

    /// <summary>
    /// Gets the email.
    /// </summary>
    /// <value>
    /// The email.
    /// </value>
    public string Email
    {
        get
        {
            return this.FindFirst("Email").Value;
        }
    }
}

/// <summary>
/// The class BaseController
/// </summary>
public class BaseController : ApiController
{
    /// <summary>
    /// Gets the current user.
    /// </summary>
    /// <value>
    /// The current user.
    /// </value>
    public AppUser CurrentUser
    {
        get
        {
            return new AppUser(this.User as ClaimsPrincipal);
        }
    }
}

public class AccountController : BaseController
{
    [HttpPost]
    [Route("UpdateUserGroup")]
    public int UpdateUserGroup(string userGroup)
    {
        // Changes only the in-memory identity of the current request.
        var user = User as ClaimsPrincipal;
        var identity = user.Identity as ClaimsIdentity;
        identity.RemoveClaim(identity.FindFirst("ActiveGroup"));
        identity.AddClaim(new Claim("ActiveGroup", this.GetRoleNameByPresenter(userGroup)));
        return 1;
    }
}
The problem is that the claims are used in the authentication process and are part of the authentication token/cookie. If you want to remove a claim from the current user, then you need to make sure the client gets a new token/cookie.
If you're running, for example, bearer tokens with your API, then you need to generate a new token and return that token to the client from your UpdateUserGroup(). The client then needs to use the new token the next time it makes a request to the API.
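
An added example, not part of the original answer or the asker's project: one way to reissue the token as the answer describes, assuming the API uses OWIN OAuth bearer tokens configured through a static `Startup.OAuthOptions` (as in the stock Web API template). `IGroupStore`, `GroupSwitchController` and the `SwitchActiveGroup` route are hypothetical names, and the group name is used directly rather than passed through the asker's `GetRoleNameByPresenter`.

```csharp
using System;
using System.Linq;
using System.Security.Claims;
using System.Web.Http;
using Microsoft.Owin.Security;

// Hypothetical lookup of the groups a user really belongs to (not from the original post).
public interface IGroupStore
{
    bool IsMember(string userName, string group);
}

[Authorize]
public class GroupSwitchController : ApiController
{
    private readonly IGroupStore groups;

    public GroupSwitchController(IGroupStore groups) { this.groups = groups; }

    [HttpPost]
    [Route("SwitchActiveGroup")]
    public IHttpActionResult SwitchActiveGroup(string userGroup)
    {
        var current = (ClaimsIdentity)User.Identity;

        // Never copy a client-supplied value into a signed claim unchecked:
        // confirm server-side that the caller is a member of the requested group.
        if (string.IsNullOrWhiteSpace(userGroup) || !groups.IsMember(current.Name, userGroup))
            return BadRequest("Unknown group or caller is not a member.");

        // Build a fresh identity: every existing claim except the old ActiveGroup.
        var claims = current.Claims.Where(c => c.Type != "ActiveGroup").ToList();
        claims.Add(new Claim("ActiveGroup", userGroup));
        var identity = new ClaimsIdentity(claims, current.AuthenticationType,
                                          current.NameClaimType, current.RoleClaimType);

        // Assumption: Startup.OAuthOptions is the OAuthAuthorizationServerOptions
        // instance passed to app.UseOAuthBearerTokens(...) at startup.
        var now = DateTimeOffset.UtcNow;
        var ticket = new AuthenticationTicket(identity, new AuthenticationProperties
        {
            IssuedUtc = now,
            ExpiresUtc = now.Add(Startup.OAuthOptions.AccessTokenExpireTimeSpan)
        });

        // Protect() serializes and protects the ticket; the result is the new bearer token.
        string token = Startup.OAuthOptions.AccessTokenFormat.Protect(ticket);
        return Ok(new { access_token = token, token_type = "bearer" });
    }
}
```

The token issued earlier still carries the old ActiveGroup value and remains valid until it expires, so authorization checks should not assume the switch revoked it.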
