asp.net-web-api


User claim update not effected in ASP.NET Identity?


I need to update the user claim in Web API after the user has logged in,
but after updating the user claim it still returns the previous values.
The code below is used to update the active user group after the user has logged in.

    using System.Security.Claims;
    using System.Web.Http;

    /// <summary>
    /// The class AppUser
    /// </summary>
    public class AppUser : ClaimsPrincipal
    {
        /// <summary>
        /// Initializes a new instance of the <see cref="AppUser"/> class.
        /// </summary>
        /// <param name="principal">The principal.</param>
        public AppUser(ClaimsPrincipal principal)
            : base(principal)
        {
        }

        /// <summary>
        /// Gets the name.
        /// </summary>
        /// <value>
        /// The name.
        /// </value>
        public string Name
        {
            get
            {
                return this.FindFirst(ClaimTypes.Name).Value;
            }
        }

        /// <summary>
        /// Gets the name of the user.
        /// </summary>
        /// <value>
        /// The name of the user.
        /// </value>
        public string UserName
        {
            get
            {
                return this.FindFirst("UserName").Value;
            }
        }

        /// <summary>
        /// Gets the active group.
        /// </summary>
        /// <value>
        /// The active group.
        /// </value>
        public string ActiveGroup
        {
            get
            {
                return ((ClaimsIdentity)this.Identity).FindFirst("ActiveGroup").Value;
            }
        }

        /// <summary>
        /// Gets the email.
        /// </summary>
        /// <value>
        /// The email.
        /// </value>
        public string Email
        {
            get
            {
                return this.FindFirst("Email").Value;
            }
        }
    }

    /// <summary>
    /// The class BaseController
    /// </summary>
    public class BaseController : ApiController
    {
        /// <summary>
        /// Gets the current user.
        /// </summary>
        /// <value>
        /// The current user.
        /// </value>
        public AppUser CurrentUser
        {
            get
            {
                return new AppUser(this.User as ClaimsPrincipal);
            }
        }
    }

    public class AccountController : BaseController
    {
        [HttpPost]
        [Route("UpdateUserGroup")]
        public int UpdateUserGroup(string userGroup)
        {
            // Only the in-memory identity of the current request is changed here.
            var user = User as ClaimsPrincipal;
            var identity = user.Identity as ClaimsIdentity;
            identity.RemoveClaim(identity.FindFirst("ActiveGroup"));
            identity.AddClaim(new Claim("ActiveGroup", this.GetRoleNameByPresenter(userGroup)));
            return 1;
        }
    }

The problem is that the claims are used in the authentication process and are part of the authentication token/cookie. If you want to remove a claim from the current user then you need to make sure the client gets a new token/cookie.
If you're running, for example, bearer tokens with your API then you need to generate a new token and return that token to the client from your UpdateUserGroup(). The client then needs to use the new token the next time it makes a request to the API.
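
One way to re-issue the token as the answer describes, shown as an added example that is not part of the original question or answer. It assumes OWIN OAuth bearer tokens, that group membership was issued as role claims at login, and the hypothetical names `ActiveGroupTokenIssuer` and `Reissue`; `Startup.OAuthOptions` in the usage comment is the static options object from the Web API 2 project template and is also an assumption.

```csharp
using System;
using System.Linq;
using System.Security.Claims;
using Microsoft.Owin.Security;

// Hypothetical helper (not from the page): builds a fresh bearer token whose
// ActiveGroup claim replaces the one baked into the caller's current token.
public static class ActiveGroupTokenIssuer
{
    // Returns the new token, or null when the caller is not entitled to the group.
    public static string Reissue(
        ClaimsIdentity current,
        string requestedRole,
        ISecureDataFormat<AuthenticationTicket> tokenFormat,
        TimeSpan lifetime)
    {
        // Assumption: membership was issued as role claims at login. Never mint a
        // group claim from client input without checking it on the server side.
        if (!current.HasClaim(current.RoleClaimType, requestedRole))
        {
            return null;
        }

        // Copy every claim except the stale ActiveGroup into a new identity.
        var updated = new ClaimsIdentity(
            current.Claims.Where(c => c.Type != "ActiveGroup"),
            current.AuthenticationType,
            current.NameClaimType,
            current.RoleClaimType);
        updated.AddClaim(new Claim("ActiveGroup", requestedRole));

        var now = DateTimeOffset.UtcNow;
        var properties = new AuthenticationProperties
        {
            IssuedUtc = now,
            ExpiresUtc = now.Add(lifetime)
        };

        // Protect() serializes the ticket and applies data protection, producing
        // the opaque string the client sends as its bearer token.
        return tokenFormat.Protect(new AuthenticationTicket(updated, properties));
    }
}

// Usage inside UpdateUserGroup (Startup.OAuthOptions is an assumption):
//   var token = ActiveGroupTokenIssuer.Reissue(identity, roleName,
//       Startup.OAuthOptions.AccessTokenFormat,
//       Startup.OAuthOptions.AccessTokenExpireTimeSpan);
//   if (token == null) return StatusCode(HttpStatusCode.Forbidden);
```

The previous token is self-contained and stays valid, with the old ActiveGroup value, until it expires, so authorization decisions that depend on the group switch benefit from short token lifetimes.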
