I am using AspNetCore Identity and trying to get the UserID of the currently logged in user using AuthenticationStateProvider. I am logging to the console the output however, the username outputs fine but the ID appears empty. The ID field is not empty in the db table. When printing all the claims the subs field seems to be the correct ID. Am I incorrectly retrieving the ID? The approach to retrieve the ID was suggested from another post I found; code is shown below. How might I retrieve the sub value which is the userID, in my page using AuthenticationStateProvider? Thanks in advance.
Retrieving UserID
var user = (await ASP.GetAuthenticationStateAsync()).User;
var UserStringId = user.FindFirst(c => c.Type.Equals(user.Identity.Name))?.Value;
Browser console output
USER ID: blazor.webassembly.js:1
NAME: user4#gmail.com
Sub is correct ID when looping through Claims
var user = (await ASP.GetAuthenticationStateAsync()).User;
var item = user.Claims;
foreach(var x in item)
{
Console.WriteLine(x);
}
Browser console output
s_hash: EQ_bVJS8n32qtUam0wZ1MA
sid: 2E6B597CC9644CFEFDD627532B761F02
sub: 5685a830-cb82-4b60-b459-c0852cc74563 // trying to retrieve this ID
//...
preferred_username: user4#gmail.com
name: user4#gmail.com
Try:
user.FindFirst(c => c.Type == "sub")?.Value
I'm trying to create login page using react front-end and ASP .NET core Back-end.
SO while a user login to the system I have to use the query like
Select * from UserLogin where email="asbhf#gmail.com"
so that my API URL should be
https://localhost:44383/api/UserLogins?email="asbhf#gmail.com"
So that, I tried this code in my UserLoginController.cs
// GET: api/UserLogins?email="asd#gmail.com"
public async Task<IActionResult> GetUserLogin([FromRoute] string email)
{
if (email == null)
{
return NotFound();
}
string query = "SELECT * FROM UserLogin WHERE email = #email";
var UserLogin = await _context.UserLogin
.FromSql(query, email)
.Include(d => d.Username)
.AsNoTracking()
.FirstOrDefaultAsync();
if (UserLogin == null)
{
return NotFound();
}
return Ok(UserLogin);
}
but, It won't print any out put as I expect. Could you please give me any hint to solve my issue.
Firstly , The Include method specifies the related objects to include in the query results. It can be used to retrieve some information from the database and also want to include related entities , not specify the fields to return. For more details , you could refer to here.
Secondly , there are some errors in your data query section , try the following modification:
string query = $"SELECT Username FROM UserLogin WHERE email = #email";
var p1 = new SqlParameter("#email", email);
var UserLogin = await _context.UserLogin
.FromSql(query, p1)
.AsNoTracking()
.FirstOrDefaultAsync();
You could take a look at Executing Raw SQL Queries for the usage of FromSql.
I refer write sql query for entityframework
So my working code is
var UserLogin = _context.UserLogin.Where(c => c.Email == email);
I am migrating tens of thousands of users from an old website that didn't have a password in the database to this new web application, however, when I try to import the users using the async method, it ends up taking several days to the point where I just ended up cancelling it after a few days.
Now I have resorted to just creating new users directly from _context.Users.Add and assigning their roles, which i can do without a problem.. However, I can't seem to figure out how to create a generic password (all the same password) as these users will just be given a password to view a livestream (doesn't need to be super secure), but I still need the security part for the admin accounts that handle other stuff through the client/admin side UI. If a user signs in, I will have it automatically enter the default password for them.
For some reason though, I cannot get the password hasher to work correctly, as when I sign in, it says that the password is wrong...
This is what I'm using to generate the password and create the users...
var appUser = new ApplicationUser() {
Id = GenerateId(),
AccessFailedCount = 0,
Email = user[1],
PasswordHash = "",
FullName = "Standard User",
UserName = user[1],
PhoneNumber = user[8],
FirstName = user[2],
LastName = user[3],
JoinMailingList = user[4],
Country = user[5],
City = user[6],
StateRegion = user[7]
};
_context.Users.Add(appUser);
var options = new PasswordHasherOptions();
options.CompatibilityMode = PasswordHasherCompatibilityMode.IdentityV2;
var hasher = new PasswordHasher < ApplicationUser > ();
appUser.PasswordHash = hasher.HashPassword(appUser, "Default8!");
var role = _context.Roles.FirstOrDefault(r => r.Name == "user");
if (role != null) {
var userRole = new IdentityUserRole < string > ();
userRole.RoleId = role.Id;
userRole.UserId = appUser.Id;
_context.UserRoles.Add(userRole);
}
}
_context.SaveChanges();
Can anyone help me out with how I'm supposed to Hash a password to store into the database?
If a user signs in, I will have it automatically enter the default password for them.
If you are using .net core Identity, you can use UserManager.CreateAsync to create the specified user in the backing store with given password:
public virtual System.Threading.Tasks.Task<Microsoft.AspNetCore.Identity.IdentityResult> CreateAsync (TUser user, string password);
Code below is for your reference:
var user = new ApplicationUser { UserName = "wx2#hotmail.com", Email = "wx2#hotmail.com" };
var result = await _userManager.CreateAsync(user, "YourPassWord");
if (result.Succeeded)
{
}
The Identity system will help create the password hash and store in the database . If you still need to manually hash the password , see IPasswordHasher interface .
Edit:
If you want to directly insert/update via database context, you should set correct NormalizedUserName and SecurityStamp to make the system work:
ApplicationUser applicationUser = new ApplicationUser();
Guid guid = Guid.NewGuid();
applicationUser.Id = guid.ToString();
applicationUser.UserName = "wx#hotmail.com";
applicationUser.Email = "wx#hotmail.com";
applicationUser.NormalizedUserName = "wx#hotmail.com";
_context.Users.Add(applicationUser);
var hasedPassword = _passwordHasher.HashPassword(applicationUser, "YourPassword");
applicationUser.SecurityStamp = Guid.NewGuid().ToString();
applicationUser.PasswordHash = hasedPassword;
_context.SaveChanges();
As an addition, if you just want to Update the Password field of an given User:
var oldUser = await _userManager.GetUserAsync(User);
var result = await _userManager.ChangePasswordAsync(oldUser,
updateUserVm.CurrentPassword,
updateUserVm.NewPassword);
And an example to the Question "How I'm supposed to Hash a password?". You could Hash a registered Users Password with the UserManager-Referenced PasswordHasher like this:
ApplicationUser user = _userManager.Users...;
user.PasswordHash = _userManager.PasswordHasher.HashPassword(user, newPassword);
I write my class PasswordHasher based on .net6 PasswordHasher docs latest version (V3) in this stackoverflow answer :
https://stackoverflow.com/a/72429730/9875486
I would like require a certain role on the user in order for them to use/execute specific commands.
Is there an easy way to do this for individual commands?
This is using Discord.Net 1.0
var User = Context.User as SocketGuildUser;
var role = Context.Guild.Roles.FirstOrDefault(x => x.Name == "ROLENAME");
if (User.Roles.Contains(role))
{
// do stuff
}
i m making wcf service for login. my code for accesssing db data using linq is :
var result = from detail in dc.tbl_User_Masters where detail.User_Type_Id == 2
select new UserVerification
{
Uname = detail.User_Login_Name,
Password = detail.User_Pwd
};
where UserVerification is class which has Uname and Password properties stored..now how to check that variable that if they are null then we'll not allow login...i dont know how to do that with linq..
You probably need to filter on the user/password you're trying to authenticate:
var givenUname = "robertpaulson";
var givenPassword = "bob";
var result = (
from detail in dc.tbl_User_Masters
where detail.User_Type_Id == 2
where detail.User_Login_Name == givenUname && detail.User_Pwd == givenPassword
select detail
).SingleOrDefault();
Now result will either be null or have the details for the authenticated user.
You don't have to do that in Linq. You have completed your linq part.
You may use
if (result == null) {//code for stoping the login process}
or
if (result.UserName == null) {//code for stoping the login process}