Jwt and Cookie Authentication

I want two ways of authentication: first by JWT for the mobile app, second by cookie for admins. I don't understand why it does not work. Maybe there is a conflict.

services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
    options.TokenValidationParameters = new TokenValidationParameters
    {
        ValidateIssuer = true,
        ValidateAudience = true,
        ValidateLifetime = true,
        ValidateIssuerSigningKey = true,
        ValidIssuer = "some",
        ValidAudience = "some",
        IssuerSigningKey = signingDecodingKey.GetKey(),
    };
})
.AddCookie("Admin_Scheme", options => 
{
    options.LoginPath = new PathString("/Admin/Auth/Login");
});  

But if I comment this out:

services.AddAuthentication("Admin_Scheme")
//.AddJwtBearer(options =>
//{
//    options.TokenValidationParameters = new TokenValidationParameters
//    {
//        ValidateIssuer = true,
//        ValidateAudience = true,
//        ValidateLifetime = true,
//        ValidateIssuerSigningKey = true,
//        ValidIssuer = "MobileTLServer",
//        ValidAudience = "MobileTLClient",
//        IssuerSigningKey = signingDecodingKey.GetKey(),
//    };
//})
.AddCookie("Admin_Scheme", options => // cookie authentication configuration
{
    options.LoginPath = new PathString("/Admin/Auth/Login");
});  

Everything works fine.

I don't understand where I made a mistake.

This is my AuthService:

//default claims
var claims = new List<Claim>
{
    new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
    new Claim(ClaimsIdentity.DefaultNameClaimType, user.Name),
    new Claim(ClaimsIdentity.DefaultRoleClaimType, "Manager"),
};

//Permissions
var permissions = await _context.PermissonRoles
    .Include(pr => pr.Permission)
    .Where(pr => pr.IdRole == user.Role.Id)
    .Select(pr => pr.Permission)
    .ToListAsync();

//Fill data
foreach (var permission in permissions)
{
    claims.Add(new Claim("Permission", permission.PermissionCode));
}

var claimsIdentity = new ClaimsIdentity(claims, "Token", ClaimsIdentity.DefaultNameClaimType, ClaimsIdentity.DefaultRoleClaimType);

await HttpContext.SignInAsync("Admin_Scheme", new ClaimsPrincipal(claimsIdentity),
new AuthenticationProperties
{
    ExpiresUtc = DateTime.UtcNow.AddMinutes(60),
    IsPersistent = true
});   

This site wants me to add more information, but I don't know what I can add.

According to your description, I guess you may not have set the Authorize attribute's AuthenticationSchemes for cookies. Since your default scheme changed to JWT, this means that if you do not specify the AuthenticationSchemes, it will use the JWT token. If you use the cookie token, it will not work.

For more details about how to set the Authorize AuthenticationSchemes, you could refer to the code below:

[Authorize(AuthenticationSchemes = "Admin_Scheme")]
public class HomeController : Controller
{
    // controller actions go here
}
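
An added example, not part of the original question or answer: the same two schemes from the question, with each endpoint group bound to exactly one scheme through a named authorization policy, so an admin cookie is never accepted on the mobile API and a mobile token is never accepted on admin pages. The helper `AddMobileAndAdminAuth`, the policy names, `OrdersController`, and the `signingKey` parameter are assumptions made for illustration.

```csharp
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Tokens;

public static class AuthSetup // hypothetical helper, called from ConfigureServices
{
    public static void AddMobileAndAdminAuth(this IServiceCollection services, SecurityKey signingKey)
    {
        // JWT stays the default scheme, so a bare [Authorize] only accepts bearer tokens.
        services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            .AddJwtBearer(options =>
            {
                options.TokenValidationParameters = new TokenValidationParameters
                {
                    ValidateIssuer = true,
                    ValidateAudience = true,
                    ValidateLifetime = true,
                    ValidateIssuerSigningKey = true,
                    ValidIssuer = "some",
                    ValidAudience = "some",
                    IssuerSigningKey = signingKey, // assumption: key supplied by the caller
                };
            })
            .AddCookie("Admin_Scheme", options =>
            {
                options.LoginPath = new PathString("/Admin/Auth/Login");
            });

        // Each policy names the single scheme it will authenticate and challenge with.
        services.AddAuthorization(options =>
        {
            options.AddPolicy("AdminCookie", policy => policy
                .AddAuthenticationSchemes("Admin_Scheme")
                .RequireAuthenticatedUser());
            options.AddPolicy("MobileJwt", policy => policy
                .AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme)
                .RequireAuthenticatedUser());
        });
    }
}

[Authorize(Policy = "AdminCookie")] // cookie only; anonymous requests are redirected to LoginPath
public class HomeController : Controller { }

[ApiController, Route("api/[controller]"), Authorize(Policy = "MobileJwt")] // bearer only; 401 otherwise
public class OrdersController : ControllerBase { }
```

Binding the scheme in a policy keeps the choice in one place, so changing the default scheme later does not silently change which credential an admin or API endpoint accepts.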
