Honestly, I'm still learning the ropes with Identity, myself. Admittedly, the Microsoft provided documentation could be better, but I've never found any of their documentation all that helpful. The best stuff always comes from the community, and unfortunately, Identity is still so new that the community has had time to really flesh it out yet.

老实说，我自己仍在学习 Identity 的诀窍。诚然，微软提供的文档可能会更好，但我从来没有发现他们的任何文档都有帮助。最好的东西总是来自社区，不幸的是，身份仍然很新，社区有时间真正充实它。

That said, here's what I know, with the understanding that there may be better ways that I'm simply not aware of, yet.

也就是说，这就是我所知道的，我知道可能有更好的方法，但我根本不知道。

Claims

索赔

Your UserManagerhas three methods of significance: GetClaimsAsync, AddClaimAsyncand RemoveClaimAsync.

您UserManager具有三种重要的方法：GetClaimsAsync,AddClaimAsync和RemoveClaimAsync。

To get all claims for a user:

要获取用户的所有声明：

var claims = await UserManager.GetClaimsAsync(userId);

You can get the current user's id with:

您可以通过以下方式获取当前用户的 ID：

var userId = User.Identity.GetUserId();

Once you have the claims, to pull out a specific one:

获得声明后，请提取特定声明：

var someClaim = claims.FirstOrDefault(c => c.Type == "SomeClaimType");

Where "SomeClaimType" is the name of the claim as it was added. In some scenarios this might be a fully qualified URN, or it may just be a simple string. If it's not something you personally added, the best thing to do is just inspect the claimsvariable during a debug session to see what you actually have there.

其中“SomeClaimType”是添加声明时的名称。在某些情况下，这可能是一个完全限定的 URN，也可能只是一个简单的字符串。如果它不是您个人添加的内容，最好的办法就是claims在调试会话期间检查变量以查看您实际拥有的内容。

Also, since the list of claims is a queryable, you can pretty much do whatever LINQ query you want on it, Where, Count, etc.

此外，由于声明列表是可查询的，因此您几乎可以对它执行任何 LINQ 查询Where、Count、 等。

To add a new claim:

要添加新声明：

await UserManager.AddClaimAsync(userId, new Claim("SomeClaimType", claimValue));

And to remove a claim:

并删除声明：

await UserManager.RemoveClaimAsync(userId, someClaim);

Roles

角色

Roles work in a similar way. To get all roles for a user:

角色以类似的方式工作。要获取用户的所有角色：

var roles = await UserManager.GetRolesAsync(userId);

To see if a user is in a particular role:

要查看用户是否处于特定角色：

var hasRole = await UserManager.IsInRoleAsync(userId, "SomeRole");

To add a user to a particular role:

要将用户添加到特定角色：

await UserManager.AddToRoleAsync(userId, "SomeRole");

And to remove:

并删除：

await UserManager.RemoveFromRoleAsync(userId, "SomeRole");

Adding the roles in the first place is a bit different; you have to create an instance of RoleStore.

首先添加角色有点不同；你必须创建一个RoleStore.

var roleStore = new RoleStore<IdentityRole>(context);

Then, you can use that to manage all roles. For example, to create a new role:

然后，您可以使用它来管理所有角色。例如，要创建一个新角色：

await roleStore.CreateAsync(new IdentityRole("RoleName"));

To remove:

去除：

var identityRole = await roleStore.FindByNameAsync("RoleName");
await roleStore.DeleteAsync(identityRole);

Getting allroles, is not possible with the Identity-specific API at this time, but you can always fall back to querying with Entity Framework directly:

目前无法使用特定于身份的 API获取所有角色，但您始终可以直接使用实体框架进行查询：

var allRoles = context.Roles.OrderBy(o => o.Name);

Regarding Asp.Net Identity, I would strongly recommend Brock Allen's implementation, called 'Identity Reboot'. Identity Reboot basically is a set of extensions to the ASP.NET Identity. It was inspired due to frustrations with the ASP.NET Identity implementation.

关于 Asp.Net Identity，我强烈推荐 Brock Allen 的实现，称为“Identity Reboot”。Identity Reboot 基本上是对 ASP.NET Identity 的一组扩展。它的灵感来源于对 ASP.NET Identity 实现的挫折。

You can read an introductory article here. You can download source code and samples from github here.

您可以在此处阅读介绍性文章。您可以从 github此处下载源代码和示例。

You can install it using nuget:

您可以使用 nuget 安装它：

www.nuget.org/packages/BrockAllen.IdentityReboot/
www.nuget.org/packages/BrockAllen.IdentityReboot.Ef/   (for entity framework)