堆栈内存溢出
  简体   繁体   English

基于Asp.net Core 2.0自定义Cookie的身份验证

[英]Asp.net Core 2.0 Custom Cookie based authentication

 原文  2018-02-08 17:49:52       asp.net/ .net/ asp.net-core/ .net-core/ asp.net-core-2.0

问题描述

I have upgraded from asp.net core 1.0 to asp.net core 2.0 I need url based authentication which create a authorized cookie. 我已经从asp.net core 1.0升级到asp.net core 2.0,我需要基于URL的身份验证来创建授权的cookie。 There is no Login page. 没有登录页面。 If url contains certain token I need to authenticate the request if not redirect them to error page. 如果url包含某些令牌,那么如果不将其重定向到错误页面,我需要对请求进行身份验证。 I am stuck in redirect loop. 我陷入了重定向循环。 what's wrong in my code 我的代码有什么问题

ConfigureServices method ConfigureServices方法 

 services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
                .AddCookie(options =>
                {
                    options.LoginPath = new PathString("/Error/");
                    options.AccessDeniedPath = new PathString("/Error/");
                    options.SlidingExpiration = true;
                    options.ExpireTimeSpan = TimeSpan.FromMinutes(20);

                });

Configure Method 配置方法 

app.UseAuthentication();
app.ValidateRequest(Configuration);

In validaterequest middleware 在validaterequest中间件中 

public Task Invoke(HttpContext context)
        {
                context.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme,
                   principal,
                   new AuthenticationProperties
                   {
                       ExpiresUtc = DateTime.UtcNow.AddSeconds(expiration),
                       IsPersistent = true,
                       AllowRefresh = true,
                       IssuedUtc = DateTime.UtcNow,
                   });
return _next.Invoke(context);
}


[MiddlewareFilter(typeof(validaterequestPipeline))]
    public class HomeController : Controller
    {
      [Authorize]
        [HttpGet]
        public IActionResult Index()
        {
        }
   }

1 个解决方案

解决方案1
 2 已采纳  2018-02-08 21:09:04

Login was working properly on http/localhost but once it is on https/subdomain.domain.com it didn't work. 登录在http/localhost上正常运行,但是一旦在https/subdomain.domain.com上登录则无法正常工作。 Change was to do this 改变是为了做到这一点 

services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme).AddCookie(options =>
{
    options.LoginPath = new PathString("/account/signin");
    options.SlidingExpiration = true;
    options.ExpireTimeSpan = TimeSpan.FromMinutes(20);
    options.Cookie.SameSite = SameSiteMode.None;
});

options.Cookie.SameSite = SameSiteMode.None;

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 自定义ASP.NET核心Cookie身份验证 - Custom ASP.NET Core Cookie Authentication 将基于ASP.NET Core MVC Cookie的身份验证与数据库中的自定义用户表一起使用 - Using ASP.NET Core MVC cookie based authentication with custom user tables in database 与asp.net core 2.0共享asp.net 4表单身份验证cookie - sharing asp.net 4 forms authentication cookie with asp.net core 2.0 在ASP.NET Core中使用授权属性和自定义Cookie身份验证 - Using the Authorize Attribute with Custom Cookie Authentication in ASP.NET Core ASP.NET Core 2.0中的防伪cookie - Antiforgery cookie in ASP.NET Core 2.0 ASP.NET Core 2.0身份验证不起作用 - ASP.NET Core 2.0 Authentication NOT Working ASP.NET Core 2.0动态身份验证 - ASP.NET Core 2.0 Dynamic Authentication 没有身份的 ASP.NET Core 2.0 Cookie 身份验证不指向 LoginPath - ASP.NET Core 2.0 Cookie Authentication without identity not directing to LoginPath ASP.NET OWIN自定义Cookie身份验证 - ASP.NET OWIN Custom Cookie Authentication 跨MVC 5和ASP.NET核心应用程序的基于Cookie的表单身份验证 - Cookie-based Forms Authentication Across MVC 5 and ASP.NET Core applications
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM