asp.net-web-api


User claim update not effected in ASP.NET Identity?


i need to update the user claim in web api after the user logged in.
but after updating the user claim it will still return previous values.
bellow code used to update active user group after the user logged in.
/// <summary>
/// The class AppUser
/// </summary>
public class AppUser : ClaimsPrincipal
{
/// <summary>
/// Initializes a new instance of the <see cref="AppUser"/> class.
/// </summary>
/// <param name="principal">The principal.</param>
public AppUser(ClaimsPrincipal principal)
: base(principal)
{
}
/// <summary>
/// Gets the name.
/// </summary>
/// <value>
/// The name.
/// </value>
public string Name
{
get
{
return this.FindFirst(ClaimTypes.Name).Value;
}
}
/// <summary>
/// Gets the name of the user.
/// </summary>
/// <value>
/// The name of the user.
/// </value>
public string UserName
{
get
{
return this.FindFirst("UserName").Value;
}
}
/// <summary>
/// Gets the active group.
/// </summary>
/// <value>
/// The active group.
/// </value>
public string ActiveGroup
{
get
{
return ((ClaimsIdentity)this.Identity).FindFirst("ActiveGroup").Value;
}
}
/// <summary>
/// Gets the email.
/// </summary>
/// <value>
/// The email.
/// </value>
public string Email
{
get
{
return this.FindFirst("Email").Value;
}
}
}
/// <summary>
/// The class BaseController
/// </summary>
public class BaseController : ApiController
{
/// <summary>
/// Gets the current user.
/// </summary>
/// <value>
/// The current user.
/// </value>
public AppUser CurrentUser
{
get
{
return new AppUser(this.User as ClaimsPrincipal);
}
}
}
public class AccountController : BaseController
{
[HttpPost]
[Route("UpdateUserGroup")]
public int UpdateUserGroup(string userGroup)
{
var user = User as ClaimsPrincipal;
var identity = user.Identity as ClaimsIdentity;
identity.RemoveClaim(identity.FindFirst("ActiveGroup"));
identity.AddClaim(new Claim("ActiveGroup", this.GetRoleNameByPresenter(userGroup)));
return 1;
}
}
The problem is that the claims are used in the authentication process and are part of the authentication token/cookie. If you want to remove a claim from the current user then you need to make sure the client get a new token/cookie.
If you're running for example bearer tokens with your api then you need to generate a new token and return that token to the client from your UpdateUserGroup(). The client then need to use the new token the next time it makes a request to the api.

Related Links

Web Api Versioning for multi tenant saas application
Validate Thinktecture OAuth Token in web api
Web API Routing changes after DB Refresh
Handle NullObjects across two models web api
ASP.Net Web API POST to table with just a single identity column
Could not load file or assembly 'System.Web.Http, Version=5.0.0.0
404 NotFound with HttpClient
web API versioning using namespace
Web API 2 Is it possible to load a route/controller programmatically?
Why would I get a “503 - Service Unavailable” error when the service is available?
Breeze.js WebApi 2 Startup Issue
Passing JSON Array from Javascript to Web API Controller method
JwtSecurityTokenHandler 4.0.0 Breaking Changes?
XMLHttpRequest cannot load No 'Access-Control-Allow-Origin'
custom and regular methods in web api
Web API routing 404 not found

Categories

HOME
beautifulsoup
developer-tools
c++11
ng-idle
jsf-2.2
graphics
appcelerator
web-hosting
nfs
recordrtc
sendgrid-api-v3
vimdiff
endeca
identity-management
lilypond
breadth-first-search
question2answer
pimcore
tosca
google-api-client
expressionengine3
vex
ntp
dotspatial
send
aws-codecommit
complex-numbers
turfjs
least-squares
hivemq
openproject
timing
tex
ogc
apriori
print-css
oracle-service-bus
placeholder
wc
apache-directory
flask-login
geotiff
tinymce-3
qtranslate
boxing
subnet
meteor-packages
redbeard-ios
windows-azure-queues
i386
udpclient
omniauth-facebook
project-organization
kiosk
include-guards
poppler
text-search
rdflib
mraid
entity-framework-4.3
adehabitathr
imagefilter
ecslidingviewcontroller
modular
mantle
resource-management
pstack
uimanageddocument
garbage
jdb
fitbounds
stress
update-statement
collectionviewsource
blender-2.49
xpsdocument
image-capture

Resources

Encrypt Message



code
soft
python
ios
c
html
jquery
cloud
mobile