身份登录/ PasswordSignIn返回成功，但@ User.Identity.IsAuthenticated返回false

Question

我正在使用带有自定义设置的ASP.NET Core 2.2 + Identity（下面的代码）

用户注册后由于某种原因，返回succeed登录操作之后，检查我是否已在View上登录返回false

创建的唯一cookie是：ASP.NET中的MyApp和AntiForgery

启动：

    services.AddDbContext<Context>
    (
        options => options.UseSqlServer(Configuration["Database:ConnectionString"])
    );

    services.AddCustomDefaultIdentity<User>
    (
        o => { o.Password.RequireDigit = true; }
    )
    .AddSignInManager()
    .AddEntityFrameworkStores<Context>();

    services.ConfigureApplicationCookie(options =>
    {
        options.AccessDeniedPath = "/denied";
        options.Cookie.Name = "MyApp";
        options.Cookie.HttpOnly = true;
        options.ExpireTimeSpan = TimeSpan.FromMinutes(60);
        options.LoginPath = "/login";
        options.LogoutPath = "/logout";
        options.ReturnUrlParameter = CookieAuthenticationDefaults.ReturnUrlParameter;
        options.SlidingExpiration = true;
    });

CustomIdentity：

    public static IdentityBuilder AddCustomDefaultIdentity<TUser>(this IServiceCollection services, Action<IdentityOptions> configureOptions) where TUser : class
    {
        services.AddAuthentication(o =>
        {
            o.DefaultScheme = IdentityConstants.ApplicationScheme;
            o.DefaultSignInScheme = IdentityConstants.ExternalScheme;
        })
        .AddIdentityCookies(o => { });

        return services.AddIdentityCore<TUser>(o =>
        {
            o.Stores.MaxLengthForKeys = 128;
            configureOptions?.Invoke(o);
        })
        .AddDefaultTokenProviders();
    }

控制器：

    [HttpPost]
    public async Task<IActionResult> Login(string Login, string Password)
    {
        var user = _context.Users.FirstOrDefault(x => x.UserName == Login);

        if (user == null)
        {
            return Error(nameof(Login), "User does not exists.");
        }

        //var sign = await _sm.PasswordSignInAsync(user, Password, true, true);
         await _sm.SignInAsync(user, true);

        return View();
    }

网页HTML

    @User.Identity.IsAuthenticated
    @if (User.Identity.IsAuthenticated)
    {
        <div>Hello, @User.Identity.Name</div>
    }

寄存器：

    public async Task<(bool Success, string ErrorMessage, User user)> TryRegister(RegisterInput input)
    {
        var user = new User(input.Login, input.Email, input.Login);
        var result = await _um.CreateAsync(user, input.Password);

        var user_result = result.Succeeded ? _context.Users.FirstOrDefault(x => x.UserName == input.Login) : null;
        return (result.Succeeded, string.Join(",", result.Errors.Select(x => x.Description)), user_result);
    }

Answer 1

使用HttpContext SignInAsync登录类似的内容。

                // issue authentication cookie with subject ID and username 
                await HttpContext.SignInAsync(user.Id, user.UserName, props);

                await _loginService.SignIn(user);

                // This doesn't count login failures towards account lockout
                // To enable password failures to trigger account lockout, set lockoutOnFailure: true
                var result = await _signInManager.PasswordSignInAsync(user, model.Password, model.AllowRememberLogin, lockoutOnFailure: true);

Answer 2

我忘了加

app.UseAuthentication();