看起来这与注销时触发用户名/密码验证的情况相同。CustomAuthProvider
如果您还没有这样做,您可以通过推出自己的产品来克服这个问题。在验证部分,您应该排除注销作为提供者。
public class CustomAuthProvider : CredentialsAuthProvider
{
private class CredentialsAuthValidator : AbstractValidator<Authenticate>
{
public CredentialsAuthValidator()
{
RuleFor(x => x.UserName)
.NotEmpty().WithMessage("Username Required")
.When(d => d.provider != "logout");
RuleFor(x => x.Password)
.NotEmpty().WithMessage("Password Required")
.When(d => d.provider != "logout");
}
}
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request)
{
new CredentialsAuthValidator().ValidateAndThrow(request);
return Authenticate(authService, session, request.UserName, request.Password, request.Continue);
}
}
您还需要注册 CustomAuthProvider
Plugins.Add(new AuthFeature(() => new CustomUserSession(),
new IAuthProvider[] {
new CustomAuthProvider()
}) { HtmlRedirect = null });
注意:您在/auth/{provider}?username=&password=