我有一个带有 cookie 身份验证的 aspnet 核心网站。当我注销时,然后,当我单击浏览器的后退按钮时,我导航到最后一个网页,我不希望这样,我不希望用户被重定向到登录页面以进行身份验证再次。
我的启动.cs
public void ConfigureServices(IServiceCollection services)
{
....
services.AddIdentity<ApplicationUser, ApplicationRole>(
config =>
{
config.User.RequireUniqueEmail = true;
config.SignIn.RequireConfirmedEmail = true;
config.Password.RequiredLength = 8;
config.Cookies.ApplicationCookie.LoginPath = "/Home/Login";
})
.AddEntityFrameworkStores<DbContext>()
.AddDefaultTokenProviders();
......
}
我的控制器.cs
public class HomeController : Controller
{
.....
private readonly string _externalCookieScheme;
....
public HomeController(
.....
IOptions<IdentityCookieOptions> identityCookieOptions,
.....)
{
....
_externalCookieScheme = identityCookieOptions.Value.ExternalCookieAuthenticationScheme;
....
}
[HttpGet]
[AllowAnonymous]
public async Task<IActionResult> Login()
{
// Clear the existing external cookie to ensure a clean login process
await HttpContext.Authentication.SignOutAsync(_externalCookieScheme);
return View();
}
[HttpPost]
[ValidateAntiForgeryToken]
public async Task<IActionResult> LogOff()
{
await HttpContext.Authentication.SignOutAsync(_externalCookieScheme); //don´t remove the cookie
_logger.LogInformation(4, "User logged out.");
return RedirectToAction(nameof(HomeController.Login), "Home");
}
}
我在这里缺少什么?
此致。
乔莉妮丝