[英]How do I validate a user's cookie and extract their claims in identity framework?
I'm currently using Identity framework to create and store a cookie for the user.我目前正在使用 Identity 框架为用户创建和存储 cookie。 When the user attempts to login with the cookie, I'm unable to get the user claims from the cookie.
当用户尝试使用 cookie 登录时,我无法从 cookie 中获取用户声明。 Is there a way to decrypt the cookie when it is passed in or find it within the httpcontext?
有没有办法在传入cookie时对其进行解密或在httpcontext中找到它?
I've tried searching the httpcontext, and I'm currently trying to find a way to decrypt the cookie that is passed in.我已经尝试搜索 httpcontext,并且我目前正在尝试找到一种方法来解密传入的 cookie。
From startup.cs从startup.cs
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, options =>
{
options.Cookie.Name = "MyCookie.Identity";
options.Cookie.Expiration = TimeSpan.FromDays(1);
});
Where I create the cookie:我在哪里创建 cookie:
private async void AddUserCookie(AuthRequest authRequest)
{
var claims = new List<Claim>
{
new Claim(ClaimTypes.NameIdentifier, authRequest.UserName),
new Claim(ClaimTypes.Name, authRequest.UserName),
new Claim(ClaimTypes.Email, "TestClaim@Test.com")
};
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
var authProperties = new AuthenticationProperties
{
AllowRefresh = true,
ExpiresUtc = DateTimeOffset.UtcNow.AddDays(1),
IsPersistent = true,
IssuedUtc = DateTimeOffset.UtcNow
};
await this._httpContextAccessor.HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity), authProperties).ConfigureAwait(false);
When I try to retrieve the cookie from the http context it says there's no claim's within the user's identity.当我尝试从 http 上下文中检索 cookie 时,它说用户身份中没有声明。
Answer is provided here: https://forums.asp.net/t/2157350.aspx?How+does+cookie+authentication+in+identity+framework+work+答案在此处提供: https : //forums.asp.net/t/2157350.aspx?How+does+cookie+authentication+in+identity+framework+work+
In short, I forgot to add app.UseAuthentication() in my startup.cs简而言之,我忘了在我的 startup.cs 中添加 app.UseAuthentication()
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.