启动.cs:
app.UseCookieAuthentication(new CookieAuthenticationOptions()
{
AuthenticationScheme = "CustomAuthenticationCookieMiddleware",
LoginPath = new PathString("/user/login"),
LogoutPath = new PathString("/user/logout"),
AccessDeniedPath = new PathString("/access-denied"),
AutomaticAuthenticate = true,
AutomaticChallenge = true
});
MembershipController.cs
...
await HttpContext.Authentication.SignInAsync("CustomAuthenticationCookieMiddleware", claimsPrincipal, new AuthenticationProperties { IsPersistent = loginUser.RememberMe });
...
========
问题:
[Authorize]
属性不起作用。它重定向到拒绝访问页面。
但是 [Authorize(Roles = "Administrator")]
效果很好
注意: "User.Identity.IsAuthenticated"
即使我成功登录也总是错误的