AuthenticationStandardEvents.OnCustomizeLoginToken Property

Specifies a delegate method that allows you to add additional claims to the user login token.

Namespace : DevExpress.ExpressApp.Security

Assembly : DevExpress.ExpressApp.Security.v25.2.dll

NuGet Package : DevExpress.ExpressApp.Security

csharp

public Action<CustomizeLoginTokenContext> OnCustomizeLoginToken { get; set; }

Public Property OnCustomizeLoginToken As Action(Of CustomizeLoginTokenContext)

Property Value

Type	Description
Action<CustomizeLoginTokenContext>

A delegate method that takes a context object as an argument.

Remarks

Use this property in an ASP.NET Core Blazor application to add additional claims to the login token. The specified delegate method is called before the token is issued and can use the authentication data available at this stage through the context argument to modify the claims collection.

For example, you can use this property to implement custom logic that adds logon parameter values to the claims. Consider a usage scenario where your login form has a custom “Company” field. You can use the code below to add the selected company’s Id value to the claims collection:

File: MySolution.WebApi\startup.cs (MySolution.Blazor.Server\startup.cs)

csharp

services.AddXaf(Configuration, builder => {
    // ...
    builder.Security
        .AddPasswordAuthentication(options => {
            options.IsSupportChangePassword = true;
            options.Events.OnCustomizeLoginToken = context => {
                var logonParameters = (CustomLogonParameters)context.LogonParameters;
                context.Claims.Add(new Claim("CompanyId", logonParameters.Company.Id));
                // If your login form allows a user to select a database,
                // you can also add a "DatabaseId" claim:
                // context.Claims.Add(new Claim("DatabaseId", logonParameters.Database.Id));
            };
        });
        // ...
});

Refer to the following section for information on how to implement custom logon parameters: Customize Standard Authentication Behavior and Supply Additional Logon Parameters (.NET Applications).

Access Claims

You can use one of the following techniques to access claims from an ASP.NET Core Blazor application’s code at runtime:

Use the DevExpress.ExpressApp.Security.IPrincipalProvider service’s User.Claims property.
In an MVC controller, you can use the controller’s User.Claims property. In middleware, use the HttpContext’s context.User.Claims property.

The code sample below demonstrates how to implement a custom Controller that injects the IPrincipalProvider service and uses it to access claims:

File: MySolution.Blazor.Server\Controllers\MyController.cs

csharp

using System.Security.Claims;
using DevExpress.ExpressApp;
using DevExpress.ExpressApp.Security;

namespace MainDemo.Blazor.Server.Controllers {
    public class MyController : ViewController {
        readonly IPrincipalProvider principalProvider;

        public MyController() { }

        [ActivatorUtilitiesConstructor]
        public MyController(IServiceProvider serviceProvider) : this() {
            principalProvider = serviceProvider.GetRequiredService<IPrincipalProvider>();
            var _claimsPrincipal = (ClaimsPrincipal)principalProvider.User;
            var customClaim = _claimsPrincipal.FindFirst(c => c.Type == "CustomClaim");
            if(customClaim != null && customClaim.Value == "ClaimValue") {
                Active.SetItemValue("CustomClaim", false);
            }
        }
    }
}