堆栈内存溢出
  简体   繁体   English

MVC [Authorize]属性可用于除主页以外的所有页面

[英]MVC [Authorize] attribute working on every page except home page

 原文  2018-10-23 17:38:09       c#/ authentication/ cookies/ .net-core

问题描述

I'm using cookie authentication in a .Net Core 2.1 web app and I can't seem to get the authorize attribute to work on the default home page (webapp url). 我在.Net Core 2.1 Web应用程序中使用cookie身份验证,但似乎无法获得authorize属性在默认主页(webapp网址)上工作。 The attribute is working on all other pages. 该属性在所有其他页面上都有效。

When I go to https://appurl/home it redirects to login, but navigating to https://appurl doesn't require auth at all. 当我转到https:// appurl / home时,它将重定向到登录名,但是导航到https:// appurl根本不需要身份验证。 Here is my startup routing: 这是我的启动路由: 

app.UseMvc(routes =>
        {
            routes.MapRoute(
                name: "Home",
                template: "{controller=Home}/{action=Index}/{id?}");
        });

Here is my home controller: 这是我的家庭控制器: 

[Authorize]
public class HomeController : Controller
{
    public IActionResult Index()
    {
        return View();
    }

    [ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
    public IActionResult Error()
    {
        return View(new ErrorViewModel { RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier });
    }
}

All other controllers marked with [Authorize] like this redirect to login as expected, I just don't know how to specify authorization on the default app url. 所有其他标有[Authorize]的控制器都像这样重定向到预期的登录名,我只是不知道如何在默认应用程序URL上指定授权。

Any help would be greatly appreciated. 任何帮助将不胜感激。

UPDATE: I suppose I've solved my issue by basically requiring auth by default and allowing anon access to just my login razor page (I'm using both mvc and razor pages). 更新:我想我已经通过基本要求默认身份验证并允许匿名访问我的登录剃刀页面(我同时使用mvc和剃刀页面)解决了我的问题。 I'm still curious if it can be done another way, but here is my startup.cs: 我仍然很好奇是否可以通过其他方式完成,但这是我的startup.cs: 

 public class Startup
{
    public Startup(IConfiguration configuration)
    {
        Configuration = configuration;
    }

    public IConfiguration Configuration { get; }

    // This method gets called by the runtime. Use this method to add services to the container.
    public void ConfigureServices(IServiceCollection services)
    {
        /*
        services.Configure<CookiePolicyOptions>(options =>
        {
            // This lambda determines whether user consent for non-essential cookies is needed for a given request.
            options.CheckConsentNeeded = context => true;
            options.MinimumSameSitePolicy = SameSiteMode.None;
        });
        */

        services.AddMvc(options =>
            {
                var policy = new AuthorizationPolicyBuilder()
                    .RequireAuthenticatedUser()
                    .Build();
                options.Filters.Add(new AuthorizeFilter(policy));
            })
            .AddRazorPagesOptions(options =>
            {
                options.Conventions.AllowAnonymousToPage("/Account/Login");
            })
            .SetCompatibilityVersion(CompatibilityVersion.Version_2_1);

        services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
            .AddCookie(options =>
            {
                options.LoginPath = "/Account/Login";
                options.LogoutPath = "/Account/Logout";
            });

        // Add DB contexts here.
        services.Configure<Database.DatabaseConfig>(Configuration.GetSection("ConnectionStrings"));

        services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();
    }

    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
    public void Configure(IApplicationBuilder app, IHostingEnvironment env)
    {
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }
        else
        {
            app.UseExceptionHandler("/Home/Error");
            app.UseHsts();
        }

        app.UseHttpsRedirection();
        app.UseStaticFiles();
        app.UseCookiePolicy();
        app.UseAuthentication();

        app.UseMvc(routes =>
        {
            routes.MapRoute(
                name: "default",
                template: "{controller=Home}/{action=Index}/{id?}");
        });
    }
}

1 个解决方案

解决方案1
 0  2018-10-23 21:05:14

It seems you forgot to add services.AddAuthorization (); 看来您忘记了添加services.AddAuthorization (); below services.AddAuthentication (...); services.AddAuthentication (...);下面services.AddAuthentication (...);

If you do that, probably you will not need this: 如果这样做,可能您将不需要: 

services.AddMvc(options =>
{
    var policy = new AuthorizationPolicyBuilder()
        .RequireAuthenticatedUser()
        .Build();
    options.Filters.Add(new AuthorizeFilter(policy));
})
.AddRazorPagesOptions(options =>
{
    options.Conventions.AllowAnonymousToPage("/Account/Login");
})
.SetCompatibilityVersion(CompatibilityVersion.Version_2_1);

You can change for this: 您可以为此进行更改: 

services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 ASP.NET MVC 3 - 授权属性的不同登录页面 - ASP.NET MVC 3 - Different Login Page for Authorize Attribute 我的mvc 2应用程序为除主页之外的所有页面提供404服务 - My mvc 2 application serves 404 for all pages except home page 自定义角色提供程序的授权属性在MVC 5中不起作用 - Authorize attribute of custom Role provider not working in MVC 5 单元测试 ASP.Net MVC Authorize 属性以验证重定向到登录页面 - Unit testing ASP.Net MVC Authorize attribute to verify redirect to login page 如果page = home显示这个div MVC - If page = home display this div MVC mvc布局页面使主页变形 - mvc Layout page is distorting home page MVC RoleProvider和Authorize属性 - MVC RoleProvider and Authorize attribute 如何将错误重定向到MVC主页? - How to redirect errors to home page in MVC? ASP.NET MVC 4-登录主页 - ASP.NET MVC 4 - Login on home page 使用角色授权属性不起作用? - Authorize Attribute with Roles not working?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM