时间戳

首页 > 解决方案 > 在未登录的情况下通过 [Authorize] 属性

asp.net-mvc - 在未登录的情况下通过 [Authorize] 属性

问题描述

我正在使用.net core Identity UI

起初,尽管已登录,但我无法访问 [Authorize] 操作。我日夜搜索解决方案并找到了它 -> 我只是添加了 

app.UseAuthentication();

Startup.cs的配置方法中。但是,不,我可以在没有实际登录的情况下访问我的操作。我确保我在identity/account/logout 注销

我真的不知道是否需要任何代码粘贴,但如果认为有必要我会提供。

编辑代码:Startup.cs

using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using lalalala.Areas.Identity.Data;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.HttpsPolicy;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;

namespace lalalala
{
    public class Startup
    {
        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;
        }

        public IConfiguration Configuration { get; }

        // This method gets called by the runtime. Use this method to add services to the container.
        public void ConfigureServices(IServiceCollection services)
        {
            services.Configure<CookiePolicyOptions>(options =>
            {
                // This lambda determines whether user consent for non-essential cookies is needed for a given request.
                options.CheckConsentNeeded = context => true;
                options.MinimumSameSitePolicy = SameSiteMode.None;
            });


            services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
        }

        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IHostingEnvironment env)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }
            else
            {
                app.UseExceptionHandler("/Home/Error");
                app.UseHsts();
            }

            app.UseHttpsRedirection();
            app.UseStaticFiles();
            app.UseCookiePolicy();
            app.UseAuthentication();
            app.UseMvc(routes =>
            {
                routes.MapRoute(
                    name: "default",
                    template: "{controller=Home}/{action=Index}/{id?}");
            });
        }
    }
}

我无需登录即可访问的操作:

[HttpPost]
        [Authorize]
        [ValidateAntiForgeryToken]
        public async Task<IActionResult> Create([Bind("MemeId, Tags, Name, File")] Meme meme)
        {

            Account account = new Account(
             "***",
             "***",
             "***");
            var cloudinary = new Cloudinary(account);


            if (ModelState.IsValid)
            {
                using (var memoryStream = new MemoryStream())
                {
                    await meme.File.CopyToAsync(memoryStream);
                    meme.Buffer = memoryStream.ToArray();
                    MemoryStream ms = new MemoryStream(meme.Buffer, 0, meme.Buffer.Length);
                    var uploadParams = new ImageUploadParams()
                    {
                        File = new FileDescription(meme.File.FileName, ms)
                    };

                    var uploadResult = cloudinary.Upload(uploadParams);
                    meme.Url = uploadResult.Uri.ToString();
                }





                _context.Add(meme);
                await _context.SaveChangesAsync();
                return RedirectToAction(nameof(Index));
            }
            return View(meme);
        }

标签: asp.net-mvcasp.net-core-mvcasp.net-identity

解决方案

推荐阅读