Save user session in Redis with ASP.NET Core in Azure
Question
I'm using redis cache for saving some stuff in my project.
I am using Azure (WebApp), and when I do a SWAP between my preproduction environment to production, the user session is lost and he need to relogin in my web page.
I'm using Identity 3.0, with UseCookieAuthentication. I would like to store the "session" in Redis for solving my problem when I do the swap.
I don't found information about it, any ideas? Thanks
Startup.cs Code ConfigureServices:
public void ConfigureServices(IServiceCollection services)
{
// Add framework services.
services.AddApplicationInsightsTelemetry(Configuration);
// Registers MongoDB conventions for ignoring default and blank fields
// NOTE: if you have registered default conventions elsewhere, probably don't need to do this
//RegisterClassMap<ApplicationUser, IdentityRole, ObjectId>.Init();
AutoMapperWebConfiguration.Configure();
services.AddSingleton<ApplicationDbContext>();
// Add Mongo Identity services to the services container.
services.AddIdentity<ApplicationUser, IdentityRole>(o =>
{
// configure identity options
o.Password.RequireDigit = false;
o.Password.RequireLowercase = false;
o.Password.RequireUppercase = false;
o.Password.RequireNonLetterOrDigit = false;
o.Password.RequiredLength = 6;
o.User.RequireUniqueEmail = true;
o.Cookies.ApplicationCookie.CookieSecure = CookieSecureOption.SameAsRequest;
o.Cookies.ApplicationCookie.CookieName = "MyCookie";
})
.AddMongoStores<ApplicationDbContext, ApplicationUser, IdentityRole>()
.AddDefaultTokenProviders();
services.AddSession(options =>
{
options.IdleTimeout = TimeSpan.FromMinutes(60);
options.CookieName = "MyCookie";
});
services.Configure<AppSettings>(Configuration.GetSection("AppSettings"));
services.AddLocalization(options => options.ResourcesPath = "Resources");
// Caching This will add the Redis implementation of IDistributedCache
services.AddRedisCache();
services.Configure<RedisCacheOptions>(options =>
{
options.Configuration = Configuration["RedisConnection"];
});
services.AddCaching();
// Add MVC services to the services container.
services.AddMvc(options =>
{
options.CacheProfiles.Add("OneDay",
new CacheProfile()
{
Duration = 86400,
Location = ResponseCacheLocation.Any
});
options.CacheProfiles.Add("OneMinute",
new CacheProfile()
{
Duration = 60,
Location = ResponseCacheLocation.Any
});
})
.AddViewLocalization(options => options.ResourcesPath = "Resources")
.AddDataAnnotationsLocalization();
services.Configure<AppOptions>(Configuration.GetSection("AppOptions"));
}
Startup.cs Code
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
//
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
app.UseApplicationInsightsRequestTelemetry();
if (env.IsDevelopment())
{
app.UseBrowserLink();
app.UseDeveloperExceptionPage();
app.UseDatabaseErrorPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
}
app.UseSession();
app.UseIISPlatformHandler(options => options.AuthenticationDescriptions.Clear());
app.UseApplicationInsightsExceptionTelemetry();
app.UseStaticFiles();
app.UseIdentity();
app.UseCookieAuthentication(options =>
{
options.AutomaticAuthenticate = true;
options.LoginPath = new PathString("/Account/Login");
options.AutomaticChallenge = true;
});
var requestLocalizationOptions = new RequestLocalizationOptions
{
// Set options here to change middleware behavior
SupportedCultures = new List<CultureInfo>
{
new CultureInfo("en-US"),
new CultureInfo("es-ES")
},
SupportedUICultures = new List<CultureInfo>
{
new CultureInfo("en-US"),
new CultureInfo("es-ES")
},
RequestCultureProviders = new List<IRequestCultureProvider>
{
new CookieRequestCultureProvider
{
CookieName = "_cultureLocalization"
},
new QueryStringRequestCultureProvider(),
new AcceptLanguageHeaderRequestCultureProvider
{
}
}
};
app.UseRequestLocalization(requestLocalizationOptions, defaultRequestCulture: new RequestCulture("en-US"));
app.UseFacebookAuthentication(options =>
{
options.AppId = "*****";
options.AppSecret = "****";
});
app.UseGoogleAuthentication(options =>
{
options.ClientId = "*****";
options.ClientSecret = "***";
});
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller=Home}/{action=Index}/{id?}");
routes.MapRoute(
name: "view",
template: "{customName}/{id}",
defaults: new { controller = "View", action = "Index" });
});
}
1 answers
solution1
2 ACCPTED 2016-04-07 14:26:14
Session is not linked to Authentication, you're attempting to solve it in the wrong way.
All forms authentication tickets and cookies are encrypted and signed using the data protection layer. The problem you are encountering is due to the encryption keys not being saved, and applications being isolated from each other.
In order to solve it you must share both the encryption keys and set an application name in your code. In all honesty I'd recommend you don't. Pre-production is not a live service, and you shouldn't be able to authenticate to both at once.
If you feel like you must do this then you need to share the encryption key-ring, and set a fixed application name. You can share keys via a shared folder, or by storing them in a shared location, such as SQL, or Azure storage. In order to do so you'd have to write your own keyring provider, by implementing an IXmlRepository . Once you have your keys shared then you can set a fixed application identifier by using SetApplicationName during data protection configuration.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.