ASP.NET Identity系列02，在ASP.NET MVC中增删改查用户

本篇体验在ASP.NET MVC中使用ASP.NET Identity增删改查用户。源码在这里：https://github.com/darrenji/UseIdentityCRUDUserInMVC在VS2013中创建一个MVC项目，用默认的"无身份验证"作为身份验证机制。通过控制台下载Bootstrap。Install-Package -version 3.0.3 bootstrap下载成功后，在解决方案下的Content和Scripts多了该版本的css和js文件。把创建项目默认HomeController中的所有Action以及/Views/Home下的所有视图删除。热热身先来做一个简单练习。在HomeController中的Index方法中，把一个字典传递给视图。

public class HomeController : Controller

{

public ActionResult Index()

    {

Dictionary<string, object> data = new Dictionary<string, object>();

data.Add("placeholder", "placeholder");

return View(data);

}

}

_Layout.cshtml设置如下：

<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>

<meta charset="utf-8" />

<meta name="viewport" content="width=device-width, initial-scale=1.0">

<title>ASP.NET Identity实战</title>

<link href="~/Content/bootstrap.min.css" rel="stylesheet" />

<link href="~/Content/bootstrap-theme.min.css" rel="stylesheet" />

<style>

.container {padding-top:10px;}

.validation-summary-errors{color:red;}

</style>

</head>

<body>

    <div class="container">

        @RenderBody()

    </div>

    @Scripts.Render("~/bundles/jquery")

    @Scripts.Render("~/bundles/bootstrap")

    @RenderSection("scripts", required: false)

</body>

Home/Index.cshtml视图中：

@{

    ViewBag.Title = "Index";

    Layout = "~/Views/Shared/_Layout.cshtml";

}

<div class="panel panel-primary">

    <div class="panel-heading">用户明细</div>

    <table class="table table-striped">

        @foreach (string key in Model.Keys)

    {

            <tr>

                <th>@key</th>

                <td>@Model[key]</td>

            </tr>

}

    </table>

</div>

前期准备分别安装如下组件。Install-Package Microsoft.AspNet.Identity.EntityFramework –Version 2.0.0Install-Package Microsoft.AspNet.Identity.OWIN -Version 2.0.0Install-Package Microsoft.Owin.Host.SystemWeb -Version 2.1.0配置Web.config如下：

<?xml version="1.0" encoding="utf-8"?>

<!--

  有关如何配置 ASP.NET 应用程序的详细信息，请访问

http://go.microsoft.com/fwlink/?LinkId=301880

  -->

<configuration>

  <configSections>

    <!-- For more information on Entity Framework configuration, visit http://go.microsoft.com/fwlink/?LinkID=237468 -->

    <section name="entityFramework" type="System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />

  </configSections>

  <connectionStrings>

    <add name="IdentityDb" providerName="System.Data.SqlClient" connectionString="Data Source=(localdb)\v11.0;Initial Catalog=IdentityDb;Integrated Security=True;Connect Timeout=15;Encrypt=False;TrustServerCertificate=False;MultipleActiveResultSets=True"/>

</connectionStrings>

  <appSettings>

    <add key="webpages:Version" value="3.0.0.0" />

    <add key="webpages:Enabled" value="false" />

    <add key="ClientValidationEnabled" value="true" />

    <add key="UnobtrusiveJavaScriptEnabled" value="true" />

    <add key="owin:AppStartup" value="WebApplication4.IdentityConfig" />

  </appSettings>

  <system.web>

    <compilation debug="true" targetFramework="4.5" />

    <httpRuntime targetFramework="4.5" />

  </system.web>

  <runtime>

    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">

      <dependentAssembly>

        <assemblyIdentity name="System.Web.Helpers" publicKeyToken="31bf3856ad364e35" />

        <bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" />

      </dependentAssembly>

      <dependentAssembly>

        <assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />

        <bindingRedirect oldVersion="1.0.0.0-5.0.0.0" newVersion="5.0.0.0" />

      </dependentAssembly>

      <dependentAssembly>

        <assemblyIdentity name="System.Web.Optimization" publicKeyToken="31bf3856ad364e35" />

        <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="1.1.0.0" />

      </dependentAssembly>

      <dependentAssembly>

        <assemblyIdentity name="System.Web.WebPages" publicKeyToken="31bf3856ad364e35" />

        <bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" />

      </dependentAssembly>

      <dependentAssembly>

        <assemblyIdentity name="WebGrease" publicKeyToken="31bf3856ad364e35" />

        <bindingRedirect oldVersion="0.0.0.0-1.5.2.14234" newVersion="1.5.2.14234" />

      </dependentAssembly>

    </assemblyBinding>

  </runtime>

  <entityFramework>

    <defaultConnectionFactory type="System.Data.Entity.Infrastructure.SqlConnectionFactory, EntityFramework" />

    <providers>

      <provider invariantName="System.Data.SqlClient" type="System.Data.Entity.SqlServer.SqlProviderServices, EntityFramework.SqlServer" />

    </providers>

  </entityFramework>

</configuration>

以上，● 增加了connectionStrings节点，将自动创建localdb数据库● 在appSettings节点中增加了一个key为owin:AppStartup项，这是确保OWIN运行正常的全局配置在Models文件夹下创建如下类。

    public class AppUser : IdentityUser

{

}

在解决方案下创建Infrastructure文件夹。在Infrastructure文件夹下创建一个上下文类，需要实现IdentityDbContext<>接口。

   public class AppIdentityDbContext : IdentityDbContext<AppUser>

{

        public AppIdentityDbContext()

            : base("IdentityDb")

    {

}

        static AppIdentityDbContext()

    {

            //使用EF Code First第一次创建的时候调用

            Database.SetInitializer<AppIdentityDbContext>(new IdentityDbInit());

}

        public static AppIdentityDbContext Create()

    {

            return new AppIdentityDbContext();

}

}

    //初始化

    public class IdentityDbInit : DropCreateDatabaseIfModelChanges<AppIdentityDbContext>

{

        protected override void Seed(AppIdentityDbContext context)

    {

            PerformInitialSetup(context);

            base.Seed(context);

}

        //初始化工作

        public void PerformInitialSetup(AppIdentityDbContext context)

        { }

}

在Infrastructure文件夹下创建一个管理用户的类，需要继承UserManager<AppUser>类。还记得，先前在appSettings节点中配置了一个如下方式：<add key="owin:AppStartup" value="WebApplication4.IdentityConfig" />OWIN需要一个全局启动文件，默认会到项目的顶级命名空间下找IdentityConfig这个类。

那就在App_Start中创建IdentityConfig这个类，这个类在WebApplication4这个命名空间下。

namespace WebApplication4

{

    public class IdentityConfig

{

        public void Configuration(IAppBuilder app)

    {

            app.CreatePerOwinContext<AppIdentityDbContext>(AppIdentityDbContext.Create);

            app.CreatePerOwinContext<AppUserManager>(AppUserManager.Create);

            app.UseCookieAuthentication(new CookieAuthenticationOptions {

                AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,

                LoginPath = new Microsoft.Owin.PathString("/Account/Login")

    });

}

}

}

显示用户创建AdminController，现在可以向视图传递所有的用户了，编写如下：

    public class AdminController : Controller

{

public ActionResult Index()

    {

            return View(UserManager.Users);

}

        private AppUserManager UserManager

    {

            get

        {

                return HttpContext.GetOwinContext().GetUserManager<AppUserManager>();

}

}

}

再创建Admin/Index.cshtml类型为IEnumerable<AppUser>的强类型视图。

@model IEnumerable<WebApplication4.Models.AppUser>

@{

    ViewBag.Title = "Index";

    Layout = "~/Views/Shared/_Layout.cshtml";

}

<div class="panel panel-primary">

    <div class="panel-heading">

        所有用户账户

    </div>

    <table class="table table-striped">

        <tr><th>ID</th><th>Name</th><th>Email</th><th></th></tr>

        @if (Model.Count() == 0)

    {

            <tr><td colspan="4" class="text-center">还没有创建用户</td></tr>

}

        else

    {

            foreach (WebApplication4.Models.AppUser user in Model)

        {

                <tr>

                    <td>@user.Id</td>

                    <td>@user.UserName</td>

                    <td>@user.Email</td>

                    <td>

                        @using (Html.BeginForm("Delete", "Admin",

                            new { id = user.Id }))

                    {

                            @Html.ActionLink("编辑", "Edit", new { id = user.Id },

                                    new { @class = "btn btn-primary btn-xs" })

                            <button class="btn btn-danger btn-xs"

                                    type="submit">

                                删除

                            </button>

        }

                    </td>

                </tr>

}

}

    </table>

</div>

@Html.ActionLink("创建用户", "Create", null, new { @class = "btn btn-primary" })

创建用户在Models文件夹下创建一个视图模型。

namespace WebApplication4.Models

{

    public class CreateModel

{

        public string Id { get; set; }

        [Required]

        public string Name { get; set; }

        [Required]

        public string Email { get; set; }

        [Required]

        public string Password { get; set; }

}

}

在AdminController中添加创建用户相关的方法。

   public class AdminController : Controller

{

public ActionResult Index()

    {

            return View(UserManager.Users);

}

        //创建显示

        public ActionResult Create()

    {

            return View();

}

        [HttpPost]

        public async Task<ActionResult> Create(CreateModel model)

    {

            if(ModelState.IsValid)

        {

                var user = new AppUser{UserName = model.Name, Email = model.Email};

                IdentityResult result = await UserManager.CreateAsync(user, model.Password);

                if(result.Succeeded)

            {

                    return RedirectToAction("Index");

        }else{

                    AddErrorsFromResult(result);

}

}

            return View(model);

}

        //创建接收

        private void AddErrorsFromResult(IdentityResult result)

    {

            foreach(var error in result.Errors)

        {

                ModelState.AddModelError("", error);

}

}

        private AppUserManager UserManager

    {

            get

        {

                return HttpContext.GetOwinContext().GetUserManager<AppUserManager>();

}

}

}

在Admin/Create.cshtml视图页中：

@model WebApplication4.Models.CreateModel

@{

    ViewBag.Title = "Create";

    Layout = "~/Views/Shared/_Layout.cshtml";

}

<h2>Create</h2>

@using (Html.BeginForm())

{

    @Html.AntiForgeryToken()

    <div class="form-horizontal">

        <h4>创建用户</h4>

        <hr />

        @Html.ValidationSummary(true)

        <div class="form-group">

            @Html.LabelFor(model => model.Name, new { @class = "control-label col-md-2" })

            <div class="col-md-10">

                @Html.EditorFor(model => model.Name)

                @Html.ValidationMessageFor(model => model.Name)

            </div>

        </div>

        <div class="form-group">

            @Html.LabelFor(model => model.Email, new { @class = "control-label col-md-2" })

            <div class="col-md-10">

                @Html.EditorFor(model => model.Email)

                @Html.ValidationMessageFor(model => model.Email)

            </div>

        </div>

        <div class="form-group">

            @Html.LabelFor(model => model.Password, new { @class = "control-label col-md-2" })

            <div class="col-md-10">

                @Html.EditorFor(model => model.Password)

                @Html.ValidationMessageFor(model => model.Password)

            </div>

        </div>

        <div class="form-group">

            <div class="col-md-offset-2 col-md-10">

                <input type="submit" value="创建用户" class="btn btn-default" />

            </div>

        </div>

    </div>

}

<div>

    @Html.ActionLink("返回", "Index")

</div>

点击"创建"按钮，创建成功返回显示用户页面。oh, my god,只是配置了一下就有数据了？ 数据在哪呢？点击左上角的"服务器资源管理器"，右键"IdentityDb"，点击"刷新"。再打开AspNetUsers表，刚创建的用户赫然在列。好像还有点欠缺，用户输入密码的时候，总应该有些限制吧。能想到的，ASP.NET Identity都为我们准备好了。有一个PasswordValidator类就是干这个的。在Infrastructure文件夹中创建一个PasswordValidator类的继承子类。

namespace WebApplication4.Infrastructure

{

    public class CustomPasswordValidator : PasswordValidator

{

        public override async Task<IdentityResult> ValidateAsync(string pass)

    {

            IdentityResult result = await base.ValidateAsync(pass);

            if (pass.Contains("12345"))

        {

                var errors = result.Errors.ToList();

                errors.Add("密码中包含太多连续数字");

                result = new IdentityResult(errors);

}

            return result;

}

}

}

然后需要把这个规则告诉UserManager。

namespace WebApplication4.Infrastructure

{

    public class AppUserManager : UserManager<AppUser>

{

        public AppUserManager(IUserStore<AppUser> store) : base(store) { }

        public static AppUserManager Create(IdentityFactoryOptions<AppUserManager> options, IOwinContext context)

    {

            //identity ef上下文

            AppIdentityDbContext db = context.Get<AppIdentityDbContext>();

            //与identity ef相关的UserStore

            IUserStore<AppUser> us = new UserStore<AppUser>(db);

            AppUserManager manager = new AppUserManager(us);

            //密码相关

            manager.PasswordValidator = new CustomPasswordValidator {

                RequiredLength = 6,

                RequireNonLetterOrDigit = false,

                RequireDigit = false,

                RequireLowercase = true,

                RequireUppercase = true

    };

            return manager;

}

}

}

再次运行程序，创建用户页面，尝试输入不通过的密码。不过，关于密码的规则，似乎可以在View Model的验证层面就可以解决掉。编辑和删除用户在AdminController中增加编辑和删除的部分。

    public class AdminController : Controller

{

public ActionResult Index()

    {

            return View(UserManager.Users);

}

        //创建显示

        public ActionResult Create()

    {

            return View();

}

        //创建接收

        [HttpPost]

        public async Task<ActionResult> Create(CreateModel model)

    {

            if(ModelState.IsValid)

        {

                var user = new AppUser{UserName = model.Name, Email = model.Email};

                IdentityResult result = await UserManager.CreateAsync(user, model.Password);

                if(result.Succeeded)

            {

                    return RedirectToAction("Index");

        }else{

                    AddErrorsFromResult(result);

}

}

            return View(model);

}

        //编辑显示

        public async Task<ActionResult> Edit(string id)

    {

            AppUser user = await UserManager.FindByIdAsync(id);

            if(User != null)

        {

                CreateModel createModel = new CreateModel();

                createModel.Id = user.Id;

                createModel.Email = user.Email;

                createModel.Name = user.UserName;

                createModel.Password = user.PasswordHash;

                return View(createModel);

}

            else

        {

                return RedirectToAction("Index");

}

}

        //接收编辑

        [HttpPost]

        public async Task<ActionResult> Edit(CreateModel createModel)

    {

            if(ModelState.IsValid)

        {

                AppUser user = await UserManager.FindByIdAsync(createModel.Id);

                if (user != null)

            {

                    //关于邮箱

                    user.Email = createModel.Email;

                    IdentityResult validEmail = await UserManager.UserValidator.ValidateAsync(user);

                    if (!validEmail.Succeeded)

                {

                        AddErrorsFromResult(validEmail);

    }

                    user.UserName = createModel.Name;

                    //关于密码

                    IdentityResult validPass = null;

                    if (createModel.Password != string.Empty)

                {

                        validPass = await UserManager.PasswordValidator.ValidateAsync(createModel.Password);

                        if (validPass.Succeeded)

                    {

                            user.PasswordHash = UserManager.PasswordHasher.HashPassword(createModel.Password);

        }

                        else

                    {

                            AddErrorsFromResult(validPass);

        }

    }

                    user.Email = createModel.Email;

                    //验证结果

                    if ((validEmail.Succeeded && validPass == null) || (validEmail.Succeeded

    && createModel.Password != string.Empty && validPass.Succeeded))

                {

                        IdentityResult result = await UserManager.UpdateAsync(user);

                        if (result.Succeeded)

                    {

                            return RedirectToAction("Index");

        }

                        else

                    {

                            AddErrorsFromResult(result);

        }

    }

                    else

                {

                        ModelState.AddModelError("", "无此用户");

    }

}

                return View(createModel);

}

            else

        {

                return View(createModel);

}

}

        //删除

        [HttpPost]

        public async Task<ActionResult> Delete(string id)

    {

            AppUser user = await UserManager.FindByIdAsync(id);

            if(user != null)

        {

                IdentityResult result = await UserManager.DeleteAsync(user);

                if(result.Succeeded)

            {

                    return RedirectToAction("Index");

}

                else

            {

                    return View("Error", result.Errors);

}

}

            else

        {

                return View("Error", new string[] { "没有此用户" });

}

}

        private void AddErrorsFromResult(IdentityResult result)

    {

            foreach(var error in result.Errors)

        {

                ModelState.AddModelError("", error);

}

}

        private AppUserManager UserManager

    {

            get

        {

                return HttpContext.GetOwinContext().GetUserManager<AppUserManager>();

}

}

}

Admin/Edit.cshtml视图。

@model WebApplication4.Models.CreateModel

@{

    ViewBag.Title = "Edit";

    Layout = "~/Views/Shared/_Layout.cshtml";

}

<h2>Edit</h2>

@using (Html.BeginForm())

{

    @Html.AntiForgeryToken()

    <div class="form-horizontal">

        <hr />

        @Html.ValidationSummary(true)

        @Html.HiddenFor(model => model.Id)

        <div class="form-group">

            @Html.LabelFor(model => model.Name, new { @class = "control-label col-md-2" })

            <div class="col-md-10">

                @Html.EditorFor(model => model.Name)

                @Html.ValidationMessageFor(model => model.Name)

            </div>

        </div>

        <div class="form-group">

            @Html.LabelFor(model => model.Email, new { @class = "control-label col-md-2" })

            <div class="col-md-10">

                @Html.EditorFor(model => model.Email)

                @Html.ValidationMessageFor(model => model.Email)

            </div>

        </div>

        <div class="form-group">

            @Html.LabelFor(model => model.Password, new { @class = "control-label col-md-2" })

            <div class="col-md-10">

                @Html.EditorFor(model => model.Password)

                @Html.ValidationMessageFor(model => model.Password)

            </div>

        </div>

        <div class="form-group">

            <div class="col-md-offset-2 col-md-10">

                <input type="submit" value="保存" class="btn btn-default" />

            </div>

        </div>

    </div>

}

<div>

    @Html.ActionLink("返回", "Index")

</div>

另外，如果删除失败，跳转到Shared/Error.cshtml视图页。

@model IEnumerable<string>

@{ ViewBag.Title = "Error";}

<div class="alert alert-danger">

    @switch (Model.Count())

{

        case 0:

            @: Something went wrong. Please try again

            break;

        case 1:

        @Model.First();

                          break;

        default:

        @: 发现如下错误:

        <ul>

            @foreach (string error in Model)

        {

                <li>@error</li>

}

        </ul>

            break;

}

</div>

@Html.ActionLink("确定", "Index", null, new { @class = "btn btn-default" })

至此，使用ASP.NET Identy实现对用户的增删改查完毕，ASP.NET Identity真的很好很强大！