Identity Manager SignOutAsync 会话在服务器端仍然活动

await _signInManager.SignOutAsync();
HttpContextAccessor httpCon = new HttpContextAccessor();
httpCon.HttpContext.Session.Clear();

1回答

温温酱

这是正常的过程。要在注销后使身份 cookie 失效，您可以SecurityStamp按照以下步骤更新并检查它：CustomCookieAuthenticationEventspublic class CustomCookieAuthenticationEvents : CookieAuthenticationEvents{&nbsp; &nbsp; private readonly SignInManager<IdentityUser> _signInManager;&nbsp; &nbsp; public CustomCookieAuthenticationEvents(SignInManager<IdentityUser> signInManager)&nbsp; &nbsp; {&nbsp; &nbsp; &nbsp; &nbsp; // Get the database from registered DI services.&nbsp; &nbsp; &nbsp; &nbsp; _signInManager = signInManager;&nbsp; &nbsp; }&nbsp; &nbsp; public override async Task ValidatePrincipal(CookieValidatePrincipalContext context)&nbsp; &nbsp; {&nbsp; &nbsp; &nbsp; &nbsp; var userPrincipal = context.Principal;&nbsp; &nbsp; &nbsp; &nbsp; var user = await _signInManager.ValidateSecurityStampAsync(userPrincipal);&nbsp; &nbsp; &nbsp; &nbsp; if (user == null)&nbsp; &nbsp; &nbsp; &nbsp; {&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; context.RejectPrincipal();&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; await context.HttpContext.SignOutAsync(&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; IdentityConstants.ApplicationScheme);&nbsp; &nbsp; &nbsp; &nbsp; }&nbsp; &nbsp; }}注册并配置CustomCookieAuthenticationEventsservices.AddDefaultIdentity<IdentityUser>()&nbsp; &nbsp; .AddRoles<IdentityRole>()&nbsp; &nbsp; .AddEntityFrameworkStores<ApplicationDbContext>();services.ConfigureApplicationCookie(options =>{&nbsp; &nbsp; options.EventsType = typeof(CustomCookieAuthenticationEvents);});services.AddScoped<CustomCookieAuthenticationEvents>();退出流程await _signInManager.SignOutAsync();var user = await _userManager.GetUserAsync(User);await _userManager.UpdateSecurityStampAsync(user);_logger.LogInformation("User logged out.");

0

0

0