猿问

HttpContext.SignInAsync() 不对用户进行身份验证

我一直在尝试在ASP.NET Core 2.1中创建自定义登录功能。但是,它似乎不起作用,我不知道为什么。


这是在控制器中运行的:


var claims = new List<Claim>

{

    new Claim(ClaimTypes.Email, email),

    new Claim(ClaimTypes.Role, loginResult.User.RoleName)

};


ClaimsIdentity identity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);

ClaimsPrincipal principal = new ClaimsPrincipal(identity);

var timespanExpiry = new TimeSpan(0, 0, 30, 0, 0);

await httpContextAccessor.HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme

    , principal

    , new AuthenticationProperties { ExpiresUtc = new DateTimeOffset(timespanExpiry.Ticks, timespanExpiry) });

这就是我在 Startup.cs 中的内容:


public void ConfigureServices(IServiceCollection services)

        {

            services.AddMemoryCache();

            services.AddSingleton<IConfiguration>(Configuration);

            services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();


            services.Configure<CookiePolicyOptions>(options =>

            {

                // This lambda determines whether user consent for non-essential cookies is needed for a given request.

                options.CheckConsentNeeded = context => true;

                options.MinimumSameSitePolicy = SameSiteMode.None;

            });

没有发生错误,但是当我在 Razor 或我的控制器中使用以下代码检查用户是否经过身份验证时,它返回 false。我也检查了其他问题和答案,这些都没有帮助并帮助我解决这个问题。


httpContextAccessor.HttpContext.User.Identity.IsAuthenticated

还有其他方法可以做到这一点,还是我做错了什么?


编辑:我已经包括了我的全部Startup.cs但故意排除了一些依赖注入和数据库相关信息。


斯蒂芬大帝
浏览 349回答 2
2回答

回首忆惘然

添加 cookie 时,您需要传入 AuthenticationScheme。services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; .AddCookie(&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; CookieAuthenticationDefaults.AuthenticationScheme,&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; options => {&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; options.LoginPath = "/Login";&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; }&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; );

慕沐林林

我知道这是很久以前问过的,但我最近遇到了同样的问题。所以,在这里我分享我的发现。app.UseHttpsRedirection();app.UseStaticFiles();var cookiePolicyOptions = new CookiePolicyOptions{&nbsp; &nbsp;MinimumSameSitePolicy = SameSiteMode.Strict,&nbsp; &nbsp;HttpOnly = Microsoft.AspNetCore.CookiePolicy.HttpOnlyPolicy.Always,&nbsp; &nbsp;Secure = CookieSecurePolicy.None,};&nbsp; &nbsp;&nbsp;app.UseCookiePolicy(cookiePolicyOptions);&nbsp; &nbsp;&nbsp;app.UseRouting();&nbsp; &nbsp;&nbsp;app.UseAuthorization();app.UseAuthentication();出于某种原因,当我在 startup.cs 中使用上述代码时,它总是重定向到/login但是下面的代码工作正常。app.UseHttpsRedirection();app.UseStaticFiles();app.UseRouting();var cookiePolicyOptions = new CookiePolicyOptions{&nbsp; &nbsp; MinimumSameSitePolicy = SameSiteMode.Strict,&nbsp; &nbsp; HttpOnly = Microsoft.AspNetCore.CookiePolicy.HttpOnlyPolicy.Always,&nbsp; &nbsp; Secure = CookieSecurePolicy.None,};app.UseCookiePolicy(cookiePolicyOptions);app.UseAuthentication();app.UseAuthorization();似乎UseRouting()影响 cookie 身份验证的位置,对此的任何评论将不胜感激。
随时随地看视频慕课网APP
我要回答