.NET RIA Service入门系列文章八：自定义用户身份验证

.NET RIA Service在实际应用中提供了方便快速的数据访问层，那么身份验证也是一个比较头痛的事情，这个问题曾经也一度困扰着我。

最到最近.NET RIA Service home的出现才找到最合适自己使用的方法，不过还是有一些bug，可能是.NET RIA Service还是ctp版的原因。

这里简单讲述一下bug：

客户端可以取得roles的列表，可惜在domain service class里的定义不生效。希望这个问题在.NET RIA Service的下个版本会解决。

在常规使用中我更喜欢使用自定义的表去管理程序的用户，这样灵活度比较高，而且心中也有数，所以一直不想用membership做用户的管理。所以一直寻找.net ria service中的自定义身份验证。祥细操作如下：

1)新建一个domain service class作为验证身份之用。

1:  namespace jacSL3RTMAuthentication.Web

2:  {

3:      using System;

4:      using System.Collections.Generic;

5:      using System.ComponentModel;

6:      using System.ComponentModel.DataAnnotations;

7:      using System.Linq;

8:      using System.Web.Ria;

9:      using System.Web.Ria.Data;

10:      using System.Web.DomainServices;

11:      using System.Data;

12:      using System.Web.DomainServices.LinqToEntities;

13:      using System.Web.Ria.ApplicationServices;

14:      using System.Web;

15:      using System.Web.Security;

16:  

17:  

18:      // Implements application logic using the authenEntities context.

19:      // TODO: Add your application logic to these methods or in additional methods.

20:      [EnableClientAccess()]

21:      public class LoginDomainService : LinqToEntitiesDomainService<authenEntities>,IAuthentication<myUser>

22:      {

23:          #region IAuthentication<myUser> Members

24:  

25:          public myUser GetUser()

26:          {

27:              if ((HttpContext.Current != null) && (HttpContext.Current.User != null) &&

28:                  HttpContext.Current.User.Identity.IsAuthenticated)

29:              {

30:                  var ut = this.Context.userTable.First(u => u.userId.Equals(HttpContext.Current.User.Identity.Name));

31:                  return new myUser() { Name = ut.userId };

32:              }

33:              return null;

34:          }

35:  

36:          public myUser Login(string userName, string password, bool isPersistent, string customData)

37:          {

38:              if ((from u in Context.userTable where u.userId.Equals(userName) select u).Count() ==1 )

39:              {

40:                  var user = Context.userTable.First(u => u.userId.Equals(userName));

41:                  if (user.pwd.Equals(password))

42:                  {

43:                      FormsAuthentication.SetAuthCookie(user.userId, isPersistent);

44:                      return new myUser() { Name=user.userId };

45:                  }

46:              }

47:              return null;

48:          }

49:  

50:          public myUser Logout()

51:          {

52:              FormsAuthentication.SignOut();

53:              return null;

54:          }

55:  

56:          public void UpdateUser(myUser user)

57:          {

58:              throw new NotImplementedException();

59:          }

60:  

61:          #endregion

62:      }

63:  

64:      public class myUser : IUser

65:      {

66:  

67:          #region IUser Members

68:          [Key]

69:          public string Name

70:          {

71:              get;

72:              set;

73:          }

74:  

75:          public IEnumerable<string> Roles

76:          {

77:              get;

78:              set;

79:          }

80:  

81:          #endregion

82:      }

83:  }

2)使用时先到silverlight端的app.xaml中把身份验证定义

1:  <Application xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation"

2:              xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml" 

3:              xmlns:app="clr-namespace:jacSL3RTMAuthentication"

4:              xmlns:appsvc="clr-namespace:System.Windows.Ria.ApplicationServices;assembly=System.Windows.Ria" 

5:              x:Class="jacSL3RTMAuthentication.App"

6:              >

7:      <Application.ApplicationLifetimeObjects>

8:          <app:RiaContext>

9:              <app:RiaContext.Authentication>

10:                  <appsvc:FormsAuthentication DomainContextType="jacSL3RTMAuthentication.Web.LoginDomainService" />

11:                  <!--<appsvc:WindowsAuthentication/>-->

12:              </app:RiaContext.Authentication>

13:          </app:RiaContext>

14:      </Application.ApplicationLifetimeObjects>

15:  </Application>

16:  

jacSL3RTMAuthentication.Web.LoginDomainService是我定义的命名及空间，实际开发时请按你自己的命名及空间。

3)使用方法，以下是我的一些测试验证的代码：

1:  using System.Windows.Ria.ApplicationServices;

2:  

3:  namespace jacSL3RTMAuthentication

4:  {

5:      public partial class MainPage : UserControl

6:      {

7:          private AuthenticationService authSv = RiaContext.Current.Authentication;

8:          private AuthenticationOperation authOp;

9:  

10:          public MainPage()

11:          {

12:              InitializeComponent();

13:              bt_login.Click += new RoutedEventHandler(bt_login_Click);

14:          }

15:  

16:          void bt_login_Click(object sender, RoutedEventArgs e)

17:          {

18:              authOp = authSv.Login(new LoginParameters(tb_userid.Text, tb_pwd.Password, true, null));

19:              authOp.Completed += new EventHandler(authOp_Completed);

20:          }

21:  

22:          void authOp_Completed(object sender, EventArgs e)

23:          {

24:              LoginOperation lo = (LoginOperation)sender;

25:  

26:              if (lo.LoginSuccess)

27:              {

28:                  MessageBox.Show("welcome " + lo.User.Identity.Name);

29:              }

30:  

31:              if (lo.HasError)

32:              {

33:                  MessageBox.Show(lo.Error.Message);

34:              }

35:  

36:              jacSL3RTMAuthentication.Web.dataDomainContext data = new jacSL3RTMAuthentication.Web.dataDomainContext();

37:              dg.ItemsSource = data.pdTables;

38:              data.Load(data.GetPdTableQuery());

39:  

40:              authSv.Logout();

41:          }

42:      }

43:  }