0

我按照文章Use cookie authentication without ASP.NET Core Identity并从2.x/Cookies下载了示例。

在 VS 2017 中运行示例。按照文档和代码(受保护)中的指示打开“联系人”页面,使用简单字符串比较在代码中验证的凭据登录,如果已调试,则登录,这意味着它添加了用户主体及其声明,但重定向回登录页面而不是联系页面。

配置服务:

        services.Configure<CookiePolicyOptions>(options =>
        {
            options.CheckConsentNeeded = context => true;
            options.MinimumSameSitePolicy = SameSiteMode.None;
        });

        services.AddMvc()
        .AddRazorPagesOptions(options =>
        {
             options.Conventions.AuthorizePage("/Contact");
        })
        .SetCompatibilityVersion(CompatibilityVersion.Version_2_1);

        #region snippet1   
        services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
                .AddCookie(options => options.ExpireTimeSpan = new System.TimeSpan(0, 10, 0));
        #endregion

        services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();

配置

        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
            app.UseDatabaseErrorPage();
        }
        else
        {
            app.UseExceptionHandler("/Error");
            app.UseHsts();
        }

        app.UseHttpsRedirection();
        app.UseStaticFiles();
        app.UseCookiePolicy();

        // Call UseAuthentication before calling UseMVC.
        #region snippet2
        app.UseAuthentication();
        #endregion

        app.UseMvc();

验证

            #region snippet1
            var claims = new List<Claim>
            {
                new Claim(ClaimTypes.Name, user.Email),
                new Claim("FullName", user.FullName),
                new Claim(ClaimTypes.Role, "Administrator"),
            };

            var claimsIdentity = new ClaimsIdentity(
                claims, CookieAuthenticationDefaults.AuthenticationScheme, ClaimTypes.Name, ClaimTypes.Role);

            var authProperties = new AuthenticationProperties
            {
                AllowRefresh = true,
                // Refreshing the authentication session should be allowed.

                ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(10),
                // The time at which the authentication ticket expires. A 
                // value set here overrides the ExpireTimeSpan option of 
                // CookieAuthenticationOptions set with AddCookie.

                IsPersistent = true,
                // Whether the authentication session is persisted across 
                // multiple requests. Required when setting the 
                // ExpireTimeSpan option of CookieAuthenticationOptions 
                // set with AddCookie. Also required when setting 
                // ExpiresUtc.

                //IssuedUtc = <DateTimeOffset>,
                // The time at which the authentication ticket was issued.

                //RedirectUri = <string>
                // The full path or absolute URI to be used as an http 
                // redirect response value.
            };

            await HttpContext.SignInAsync(
                CookieAuthenticationDefaults.AuthenticationScheme, 
                new ClaimsPrincipal(claimsIdentity),
                authProperties);
            #endregion

然后我重定向到联系人页面,但又回到了登录页面。

4

1 回答 1

1

在对这个项目进行测试后,我可以用 Chrome 重现你的问题,它适用于 Edge。

为了使其与 Chrome 一起使用,您可以将forlaunchSettings.json更改sslPortiisExpress44344不是0.

于 2018-11-20T03:00:26.743 回答