c# - Identity signIn / PasswordSignIn 返回成功,但 @User.Identity.IsAuthenticated 返回 false
问题描述
我正在使用带有自定义设置的 ASP.NET Core 2.2 + Identity(下面的代码)
由于某种原因,在用户注册后,登录操作返回后succeed,检查我是否登录View返回 false
创建的唯一 cookie 是:来自 ASP.NET 的 MyApp 和 AntiForgery
启动:
services.AddDbContext<Context>
(
options => options.UseSqlServer(Configuration["Database:ConnectionString"])
);
services.AddCustomDefaultIdentity<User>
(
o => { o.Password.RequireDigit = true; }
)
.AddSignInManager()
.AddEntityFrameworkStores<Context>();
services.ConfigureApplicationCookie(options =>
{
options.AccessDeniedPath = "/denied";
options.Cookie.Name = "MyApp";
options.Cookie.HttpOnly = true;
options.ExpireTimeSpan = TimeSpan.FromMinutes(60);
options.LoginPath = "/login";
options.LogoutPath = "/logout";
options.ReturnUrlParameter = CookieAuthenticationDefaults.ReturnUrlParameter;
options.SlidingExpiration = true;
});
自定义身份:
public static IdentityBuilder AddCustomDefaultIdentity<TUser>(this IServiceCollection services, Action<IdentityOptions> configureOptions) where TUser : class
{
services.AddAuthentication(o =>
{
o.DefaultScheme = IdentityConstants.ApplicationScheme;
o.DefaultSignInScheme = IdentityConstants.ExternalScheme;
})
.AddIdentityCookies(o => { });
return services.AddIdentityCore<TUser>(o =>
{
o.Stores.MaxLengthForKeys = 128;
configureOptions?.Invoke(o);
})
.AddDefaultTokenProviders();
}
控制器:
[HttpPost]
public async Task<IActionResult> Login(string Login, string Password)
{
var user = _context.Users.FirstOrDefault(x => x.UserName == Login);
if (user == null)
{
return Error(nameof(Login), "User does not exists.");
}
//var sign = await _sm.PasswordSignInAsync(user, Password, true, true);
await _sm.SignInAsync(user, true);
return View();
}
CSHTML
@User.Identity.IsAuthenticated
@if (User.Identity.IsAuthenticated)
{
<div>Hello, @User.Identity.Name</div>
}
登记:
public async Task<(bool Success, string ErrorMessage, User user)> TryRegister(RegisterInput input)
{
var user = new User(input.Login, input.Email, input.Login);
var result = await _um.CreateAsync(user, input.Password);
var user_result = result.Succeeded ? _context.Users.FirstOrDefault(x => x.UserName == input.Login) : null;
return (result.Succeeded, string.Join(",", result.Errors.Select(x => x.Description)), user_result);
}
解决方案
使用 HttpContext SignInAsync 登录这样的东西。
// issue authentication cookie with subject ID and username
await HttpContext.SignInAsync(user.Id, user.UserName, props);
await _loginService.SignIn(user);
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, set lockoutOnFailure: true
var result = await _signInManager.PasswordSignInAsync(user, model.Password, model.AllowRememberLogin, lockoutOnFailure: true);
推荐阅读
- xv6 - 如何在 xv6 中使用 kbgetc
- c++ - Mingw32 无法静态链接到 libgcc_s_dw2-1、libstdc++-6、libwinpthread-1 (Qt 5.7.1)
- bash - 如何替换文本文件中周期性出现的数组
- python - 创建包含给定值和日期范围的所有可能性的字典的最佳方法是什么?
- console - 自几周前 Google 更新以来,是否有人在他们的操作中也遇到过故障?
- go - 使用切片的动态结构(包含外键)和 go-gorm 将数据插入数据库
- xslt - 如何使用 XSLT 将所有标题文本转换为标题大小写?
- javascript - 如何在 React 的 return 语句中使用获取结果?
- tensorflow - 我想在我的自定义层中使用 keras 层,但我无法将层的输出作为张量而不是对象返回
- javascript - 使用 bootstrap-vue 中的传单删除标记单击时弹出的默认对话框