asp.net-web-api


User claim update not effected in ASP.NET Identity?


I need to update the user claim in Web API after the user has logged in,
but after updating the user claim it still returns the previous values.
The code below is used to update the active user group after the user has logged in.

    /// <summary>
    /// The class AppUser
    /// </summary>
    public class AppUser : ClaimsPrincipal
    {
        /// <summary>
        /// Initializes a new instance of the <see cref="AppUser"/> class.
        /// </summary>
        /// <param name="principal">The principal.</param>
        public AppUser(ClaimsPrincipal principal)
            : base(principal)
        {
        }

        /// <summary>
        /// Gets the name.
        /// </summary>
        /// <value>
        /// The name.
        /// </value>
        public string Name
        {
            get
            {
                return this.FindFirst(ClaimTypes.Name).Value;
            }
        }

        /// <summary>
        /// Gets the name of the user.
        /// </summary>
        /// <value>
        /// The name of the user.
        /// </value>
        public string UserName
        {
            get
            {
                return this.FindFirst("UserName").Value;
            }
        }

        /// <summary>
        /// Gets the active group.
        /// </summary>
        /// <value>
        /// The active group.
        /// </value>
        public string ActiveGroup
        {
            get
            {
                return ((ClaimsIdentity)this.Identity).FindFirst("ActiveGroup").Value;
            }
        }

        /// <summary>
        /// Gets the email.
        /// </summary>
        /// <value>
        /// The email.
        /// </value>
        public string Email
        {
            get
            {
                return this.FindFirst("Email").Value;
            }
        }
    }

    /// <summary>
    /// The class BaseController
    /// </summary>
    public class BaseController : ApiController
    {
        /// <summary>
        /// Gets the current user.
        /// </summary>
        /// <value>
        /// The current user.
        /// </value>
        public AppUser CurrentUser
        {
            get
            {
                return new AppUser(this.User as ClaimsPrincipal);
            }
        }
    }

    public class AccountController : BaseController
    {
        [HttpPost]
        [Route("UpdateUserGroup")]
        public int UpdateUserGroup(string userGroup)
        {
            var user = User as ClaimsPrincipal;
            var identity = user.Identity as ClaimsIdentity;
            identity.RemoveClaim(identity.FindFirst("ActiveGroup"));
            identity.AddClaim(new Claim("ActiveGroup", this.GetRoleNameByPresenter(userGroup)));
            return 1;
        }
    }

The problem is that the claims are used in the authentication process and are part of the authentication token/cookie. If you want to remove a claim from the current user then you need to make sure the client gets a new token/cookie.

If you're running, for example, bearer tokens with your API, then you need to generate a new token and return that token to the client from your UpdateUserGroup(). The client then needs to use the new token the next time it makes a request to the API.
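
The approach the answer describes, as an added example that is not code from the question or the answer: it assumes OWIN OAuth bearer tokens (Microsoft.Owin.Security.OAuth) and mints a new token carrying the changed `ActiveGroup` claim. The names `GroupSwitchController`, `OAuthOptions` and `IsMemberOf` are hypothetical; `OAuthOptions` must be set at startup to the same options instance passed to `app.UseOAuthAuthorizationServer(...)`.

```csharp
using System;
using System.Linq;
using System.Net;
using System.Security.Claims;
using System.Web.Http;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.OAuth;

[Authorize]
public class GroupSwitchController : ApiController
{
    // Assumption: assigned in Startup to the options instance given to
    // app.UseOAuthAuthorizationServer(...), so AccessTokenFormat is populated.
    public static OAuthAuthorizationServerOptions OAuthOptions { get; set; }

    [HttpPost]
    [Route("UpdateUserGroup")]
    public IHttpActionResult UpdateUserGroup(string userGroup)
    {
        var current = (ClaimsIdentity)User.Identity;

        // The group name comes from the client, so verify it server-side
        // before it is written into a signed token.
        if (!IsMemberOf(current, userGroup))
            return StatusCode(HttpStatusCode.Forbidden);

        // Build a fresh identity: every existing claim except ActiveGroup.
        var claims = current.Claims.Where(c => c.Type != "ActiveGroup").ToList();
        claims.Add(new Claim("ActiveGroup", userGroup));
        var identity = new ClaimsIdentity(claims, OAuthDefaults.AuthenticationType);

        var now = DateTimeOffset.UtcNow;
        var ticket = new AuthenticationTicket(identity, new AuthenticationProperties
        {
            IssuedUtc = now,
            ExpiresUtc = now.Add(OAuthOptions.AccessTokenExpireTimeSpan)
        });

        // Protect the ticket with the same format the bearer middleware reads.
        string accessToken = OAuthOptions.AccessTokenFormat.Protect(ticket);
        return Ok(new { access_token = accessToken, token_type = "bearer" });
    }

    // Hypothetical membership check; replace with a lookup in your user store.
    private static bool IsMemberOf(ClaimsIdentity identity, string group)
    {
        return identity.HasClaim(ClaimTypes.Role, group);
    }
}
```

The token the client held before this call stays valid until it expires, so any authorization decision based on `ActiveGroup` has to tolerate both values for that period or use short token lifetimes.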
