nik

Reputation: 1479

How to add and enable OWIN role to a logged in user?

I'm using MVC 5 with OWIN authentication. When adding a role to a signed-in user, it won't take effect until the user relogs:

    [Authorize(Roles = "Role1")]
    public async Task<ActionResult> Action()
    {
        var currentUser = AuthenticationManager.User;
        var currentUserId = currentUser.Identity.GetUserId();
        var result = await UserManager.AddToRoleAsync(currentUserId, "Role2"); //result confirms role added 

        return RedirectToAction("AnotherAction", "Controller");
    }

    // not accessible until relog
    [Authorize(Roles = "Role2")]
    public ActionResult AnotherAction()
    {
        return View();
    }

How do I make role changes take effect immediately?

Upvotes: 4

Views: 1170

Answers (1)

DavidEdwards

Reputation: 593

I believe that the AddUserToRole method does the assignment at the database level. While this probably needs to happen also, what you need to do is refresh the current identity.

Short answer: Cast the IPrincipal to a ClaimsPrincipal and cast the IIdentity to a ClaimsIdentity. Then you can just add the claim.

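    // Controller.User is an IPrincipal; cast it and its identity to the claims types
    ClaimsPrincipal currentPrincipal = (ClaimsPrincipal)this.User;
    ClaimsIdentity currentIdentity = (ClaimsIdentity)currentPrincipal.Identity;

    // Add the new role as a role claim on the current identity
    currentIdentity.AddClaim(new Claim(ClaimTypes.Role, "Role2"));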

Upvotes: 1
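
An added example, not code from the question or the answer: a claim added to the in-memory identity is not written back to the authentication cookie, so the request that follows the redirect still carries the old roles. One way to make the change visible on the next request is to rebuild the identity from the store and re-issue the cookie. It assumes ASP.NET Identity 2 with the MVC 5 template's `ApplicationUserManager` and the default application cookie; `ExampleController` is a hypothetical name.

```csharp
using System.Net;
using System.Threading.Tasks;
using System.Web;
using System.Web.Mvc;
using Microsoft.AspNet.Identity;
using Microsoft.AspNet.Identity.Owin;
using Microsoft.Owin.Security;

public class ExampleController : Controller
{
    // Assumption: ApplicationUserManager is the MVC 5 template's user manager,
    // registered per OWIN context in Startup.
    private ApplicationUserManager UserManager
    {
        get { return HttpContext.GetOwinContext().GetUserManager<ApplicationUserManager>(); }
    }

    private IAuthenticationManager AuthenticationManager
    {
        get { return HttpContext.GetOwinContext().Authentication; }
    }

    [Authorize(Roles = "Role1")]
    public async Task<ActionResult> Action()
    {
        var userId = User.Identity.GetUserId();
        var result = await UserManager.AddToRoleAsync(userId, "Role2");
        if (!result.Succeeded)
            return new HttpStatusCodeResult(HttpStatusCode.InternalServerError);

        // Carry over the "remember me" choice from the current ticket.
        var ticket = await AuthenticationManager.AuthenticateAsync(
            DefaultAuthenticationTypes.ApplicationCookie);
        var isPersistent = ticket != null && ticket.Properties.IsPersistent;

        // Rebuild the identity from the store so its role claims include Role2.
        var user = await UserManager.FindByIdAsync(userId);
        var identity = await UserManager.CreateIdentityAsync(
            user, DefaultAuthenticationTypes.ApplicationCookie);

        // Replace the auth cookie; the redirected request then carries the new claims.
        AuthenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
        AuthenticationManager.SignIn(
            new AuthenticationProperties { IsPersistent = isPersistent }, identity);

        return RedirectToAction("AnotherAction", "Controller");
    }
}
```

The same staleness applies in reverse: a role removed in the store stays in the cookie's claims until the cookie is re-issued or expires.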
