asp.net-web-api


User claim update not effected in ASP.NET Identity?


I need to update the user claim in Web API after the user logged in,
but after updating the user claim it still returns the previous values.
The code below is used to update the active user group after the user logged in.
```csharp
using System.Security.Claims;
using System.Web.Http;

/// <summary>
/// The class AppUser
/// </summary>
public class AppUser : ClaimsPrincipal
{
    /// <summary>
    /// Initializes a new instance of the <see cref="AppUser"/> class.
    /// </summary>
    /// <param name="principal">The principal.</param>
    public AppUser(ClaimsPrincipal principal)
        : base(principal)
    {
    }

    /// <summary>
    /// Gets the name.
    /// </summary>
    /// <value>
    /// The name.
    /// </value>
    public string Name
    {
        get
        {
            return this.FindFirst(ClaimTypes.Name).Value;
        }
    }

    /// <summary>
    /// Gets the name of the user.
    /// </summary>
    /// <value>
    /// The name of the user.
    /// </value>
    public string UserName
    {
        get
        {
            return this.FindFirst("UserName").Value;
        }
    }

    /// <summary>
    /// Gets the active group.
    /// </summary>
    /// <value>
    /// The active group.
    /// </value>
    public string ActiveGroup
    {
        get
        {
            return ((ClaimsIdentity)this.Identity).FindFirst("ActiveGroup").Value;
        }
    }

    /// <summary>
    /// Gets the email.
    /// </summary>
    /// <value>
    /// The email.
    /// </value>
    public string Email
    {
        get
        {
            return this.FindFirst("Email").Value;
        }
    }
}

/// <summary>
/// The class BaseController
/// </summary>
public class BaseController : ApiController
{
    /// <summary>
    /// Gets the current user.
    /// </summary>
    /// <value>
    /// The current user.
    /// </value>
    public AppUser CurrentUser
    {
        get
        {
            return new AppUser(this.User as ClaimsPrincipal);
        }
    }
}

public class AccountController : BaseController
{
    [HttpPost]
    [Route("UpdateUserGroup")]
    public int UpdateUserGroup(string userGroup)
    {
        // Modifies only the in-memory identity for the current request.
        var user = User as ClaimsPrincipal;
        var identity = user.Identity as ClaimsIdentity;
        identity.RemoveClaim(identity.FindFirst("ActiveGroup"));
        identity.AddClaim(new Claim("ActiveGroup", this.GetRoleNameByPresenter(userGroup)));
        return 1;
    }
}
```

The problem is that the claims are used in the authentication process and are part of the authentication token/cookie. If you want to remove a claim from the current user then you need to make sure the client gets a new token/cookie.
If you're running, for example, bearer tokens with your API then you need to generate a new token and return that token to the client from your UpdateUserGroup(). The client then needs to use the new token the next time it makes a request to the API.
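
An added example (not part of the original answer) of the approach described above for OWIN bearer tokens: the action builds a fresh identity with the new `ActiveGroup` claim, protects it as a new access token and returns it. It assumes a static `Startup.OAuthOptions` property as in the Visual Studio Web API template, and that the poster's `GetRoleNameByPresenter` returns null for a group the caller may not use; the JSON field names are also assumptions.

```csharp
using System;
using System.Security.Claims;
using System.Web.Http;
using Microsoft.Owin.Security;

public class AccountController : BaseController
{
    [HttpPost]
    [Route("UpdateUserGroup")]
    public IHttpActionResult UpdateUserGroup(string userGroup)
    {
        var current = (ClaimsIdentity)User.Identity;

        // Assumption: this helper checks server-side that the caller really
        // belongs to the requested group and returns null otherwise. The
        // client-supplied value must never go into a signed claim unchecked.
        string roleName = this.GetRoleNameByPresenter(userGroup);
        if (roleName == null)
        {
            return BadRequest("Unknown group or caller is not a member.");
        }

        // Copy the current claims into a new identity and swap the one claim.
        var identity = new ClaimsIdentity(
            current.Claims,
            current.AuthenticationType,
            current.NameClaimType,
            current.RoleClaimType);
        Claim old = identity.FindFirst("ActiveGroup");
        if (old != null)
        {
            identity.RemoveClaim(old);
        }
        identity.AddClaim(new Claim("ActiveGroup", roleName));

        // Protect the new identity with the same token format the
        // authorization server uses (assumed to be exposed by Startup).
        var now = DateTimeOffset.UtcNow;
        var properties = new AuthenticationProperties
        {
            IssuedUtc = now,
            ExpiresUtc = now.Add(Startup.OAuthOptions.AccessTokenExpireTimeSpan)
        };
        var ticket = new AuthenticationTicket(identity, properties);
        string token = Startup.OAuthOptions.AccessTokenFormat.Protect(ticket);

        // The client must replace its stored token with this one.
        return Ok(new { access_token = token, token_type = "bearer" });
    }
}
```

The previous token still carries the old `ActiveGroup` claim and stays valid until it expires, so authorization decisions that depend on the group should not assume the old token is gone.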
