[英]Identity signIn / PasswordSignIn returns success, but @User.Identity.IsAuthenticated returns false
我正在使用带有自定义设置的ASP.NET Core 2.2 + Identity(下面的代码)
用户注册后由于某种原因,返回succeed
登录操作之后,检查我是否已在View
上登录返回false
创建的唯一cookie是:ASP.NET中的MyApp和AntiForgery
启动:
services.AddDbContext<Context>
(
options => options.UseSqlServer(Configuration["Database:ConnectionString"])
);
services.AddCustomDefaultIdentity<User>
(
o => { o.Password.RequireDigit = true; }
)
.AddSignInManager()
.AddEntityFrameworkStores<Context>();
services.ConfigureApplicationCookie(options =>
{
options.AccessDeniedPath = "/denied";
options.Cookie.Name = "MyApp";
options.Cookie.HttpOnly = true;
options.ExpireTimeSpan = TimeSpan.FromMinutes(60);
options.LoginPath = "/login";
options.LogoutPath = "/logout";
options.ReturnUrlParameter = CookieAuthenticationDefaults.ReturnUrlParameter;
options.SlidingExpiration = true;
});
CustomIdentity:
public static IdentityBuilder AddCustomDefaultIdentity<TUser>(this IServiceCollection services, Action<IdentityOptions> configureOptions) where TUser : class
{
services.AddAuthentication(o =>
{
o.DefaultScheme = IdentityConstants.ApplicationScheme;
o.DefaultSignInScheme = IdentityConstants.ExternalScheme;
})
.AddIdentityCookies(o => { });
return services.AddIdentityCore<TUser>(o =>
{
o.Stores.MaxLengthForKeys = 128;
configureOptions?.Invoke(o);
})
.AddDefaultTokenProviders();
}
控制器:
[HttpPost]
public async Task<IActionResult> Login(string Login, string Password)
{
var user = _context.Users.FirstOrDefault(x => x.UserName == Login);
if (user == null)
{
return Error(nameof(Login), "User does not exists.");
}
//var sign = await _sm.PasswordSignInAsync(user, Password, true, true);
await _sm.SignInAsync(user, true);
return View();
}
网页HTML
@User.Identity.IsAuthenticated
@if (User.Identity.IsAuthenticated)
{
<div>Hello, @User.Identity.Name</div>
}
寄存器:
public async Task<(bool Success, string ErrorMessage, User user)> TryRegister(RegisterInput input)
{
var user = new User(input.Login, input.Email, input.Login);
var result = await _um.CreateAsync(user, input.Password);
var user_result = result.Succeeded ? _context.Users.FirstOrDefault(x => x.UserName == input.Login) : null;
return (result.Succeeded, string.Join(",", result.Errors.Select(x => x.Description)), user_result);
}
使用HttpContext SignInAsync登录类似的内容。
// issue authentication cookie with subject ID and username
await HttpContext.SignInAsync(user.Id, user.UserName, props);
await _loginService.SignIn(user);
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, set lockoutOnFailure: true
var result = await _signInManager.PasswordSignInAsync(user, model.Password, model.AllowRememberLogin, lockoutOnFailure: true);
我忘了加
app.UseAuthentication();
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.