第1部分
是什么导致联系人重定向到登录和主页?
- 如果页面或控制器配置为允许匿名,它将不会重定向到登录
[AllowAnonymous]
public class HomePage : PageModel
{
//...
}
- 如果页面/文件夹或区域仅配置给授权用户,则通过
[Authorize]
属性或其中的属性startup.cs
将用户重定向到未登录的登录页面。
[Authorize]
public ContactModel : PageModel
{
// ...
}
这是启动时授权的示例配置,我们在其中创建了一个以RequireAdmins
角色名称命名的基于角色的策略Admins
:
services.AddRazorPages()
.AddRazorPagesOptions(ops =>
{
ops.Conventions.AuthorizeAreaFolder("Panel", "/", "RequireAdmins");
ops.Conventions.AuthorizeFolder("/", "RequireAdmins");
ops.Conventions.AllowAnonymousToAreaPage("Identity", "/Account/AccessDenied");
});
services.AddAuthorization(ops =>
{
ops.AddPolicy("RequireAdmins", policy => policy.RequireRole("Admins"));
});
第2部分
我在哪里配置我要重定向到的帐户/登录名?
配置可以在启动时完成,通常我会创建一个自定义身份验证 cookie:
public class XCookieAuthEvents : CookieAuthenticationEvents
{
public override Task RedirectToLogin(RedirectContext<CookieAuthenticationOptions> context)
{
context.RedirectUri = $"/Identity/Account/CustomLogin";
return base.RedirectToLogin(context);
}
public override Task RedirectToLogout(RedirectContext<CookieAuthenticationOptions> context)
{
context.RedirectUri = $"/Identity/Account/CustomLogout";
return base.RedirectToLogout(context);
}
public override Task RedirectToAccessDenied(RedirectContext<CookieAuthenticationOptions> context)
{
context.RedirectUri = $"/Identity/Account/CustomAccessDenied";
return base.RedirectToAccessDenied(context);
}
public override Task RedirectToReturnUrl(RedirectContext<CookieAuthenticationOptions> context)
{
context.RedirectUri = $"/CustomReturnUrl";
return base.RedirectToReturnUrl(context);
}
}
然后在启动时注册:
services.AddScoped<XCookieAuthEvents>();
// optional: customize cookie expiration time
services.ConfigureApplicationCookie(ops =>
{
ops.EventsType = typeof(XCookieAuthEvents);
ops.ExpireTimeSpan = TimeSpan.FromMinutes(30);
ops.SlidingExpiration = true;
});