心跳期间的ServiceStack GetSession
[英]ServiceStack GetSession during heartbeat
问题描述
I have a servicestack app in which I would like to make some session-related updates during heartbeat. 
我有一个servicestack应用程序,我想在心跳期间进行一些与会话相关的更新。
My simplified host code: 我的简化主机代码:
internal class SelfHost : AppSelfHostBase
{
public SelfHost() : base("HttpListener Self-Host", typeof(ServerEventsService).Assembly)
{
}
public override void Configure(Container container)
{
Plugins.Add(new ServerEventsFeature
{
LimitToAuthenticatedUsers = true,
NotifyChannelOfSubscriptions = false,
OnHeartbeatInit = req =>
{
var userSession = req.GetSession();
var sessionKey = SessionFeature.GetSessionKey(req.GetSessionId());
}
});
container.Register<ICacheClient>(new MemoryCacheClient());
Plugins.Add(new AuthFeature(() => new AuthUserSession(),
new IAuthProvider[]
{
new CredentialsAuthProvider
{
SessionExpiry = TimeSpan.FromSeconds(30),
SkipPasswordVerificationForInProcessRequests = true,
},
})
);
var userRep = new InMemoryAuthRepository();
container.Register<IUserAuthRepository>(userRep);
string hash;
string salt;
var pwd = "ValidPassword";
new SaltedHash().GetHashAndSaltString(pwd, out hash, out salt);
userRep.CreateUserAuth(new UserAuth
{
Id = 3,
DisplayName = "CustomDisplayName2",
Email = "test2@gmail.com",
UserName = "CustomUserName2",
FirstName = "FirstName2",
LastName = "LastName2",
PasswordHash = hash,
Salt = salt,
}, pwd);
}
}
and the simplified client code: 和简化的客户端代码:
var mainClient = new ServerEventsClient(baseUrl, "home");
var authResponse = mainClient.Authenticate(new Authenticate
{
provider = "credentials",
UserName = "CustomUserName2",
Password = "ValidPassword",
RememberMe = false,
});
mainClient.Connect().Wait();
It connects and authenticates fine, the problematic part start in OnHeartbeatInit - my session here is always a new non authenticated session that has only Id, CreatedAt and LastModified. 它可以正常连接并进行身份验证,有问题的部分始于OnHeartbeatInit我的会话始终是一个新的未经身份验证的会话,仅具有Id,CreatedAt和LastModified。 My service is marked with [Authenticate] attribute on class level. 我的服务在课程级别标记为[Authenticate]属性。 Have I misconfigured or lost some config that should allow that? 我是否配置错误或丢失了应允许的配置? If I post to my service and call Request.GetSession() then I get a populated session which I expect to see in OnHeartbeatInit as well. 如果我发布到我的服务并调用Request.GetSession()那么我将获得一个填充的会话,我也希望在OnHeartbeatInit看到该OnHeartbeatInit 。
Sidenote: there are no hidden configs anywhere, I have created a separate app exclusively for this example. 旁注:任何地方都没有隐藏的配置,为此示例我专门创建了一个单独的应用程序。
1 个解决方案
解决方案1
2 已采纳 2016-03-03 22:10:48
The issue is that the heartbeats requests sent in .NET ServerEventsClient isn't sent with the same CookieContainer that the client authenticates or connects to the /event-stream with, which is what contains the Session Cookies. 问题在于,在.NET ServerEventsClient中发送的心跳请求未与客户端进行身份验证或连接到/event-stream CookieContainer发送,该Cookie包含会话Cookie。
I've updated the ServerEventsClient so heartbeat requests now reference the same CookieContainer for every heartbeat request in this commit . 我已经更新了ServerEventsClient因此心跳请求现在针对此提交中的每个心跳请求都引用相同的CookieContainer。
This change is available from v4.0.55 that's now available on MyGet . 此更改从v4.0.55开始可用,现在可以在MyGet上使用 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.