我正在尝试在我的 ASP.NET MVC 项目中实现 cookie 身份验证,并且我已经根据我的研究编写了所有代码。
我真的不知道哪里出了问题。我怀疑是项目的文件夹层次结构有问题,但又觉得不太可能。也可能是 Razor 页面没有映射或创建 [Authorize] 属性。我不确定。
登录后 cookie 能正确创建,但如果我在没有 cookie 的情况下直接输入任何 URL,页面仍会在未经授权的情况下加载。
我对这个项目的设想是:有一个带有一些菜单的公开主页,以及一个用于数据管理的隐藏管理面板。如果还有其他关于如何保护管理页面的建议,我也很乐意听取。
我的项目中没有角色。
这是我的代码。
Startup.cs
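/// <summary>
/// Application bootstrap: registers MVC, cookie authentication, the EF Core context and the
/// business services, then builds the HTTP request pipeline.
/// </summary>
public class Startup
{
    /// <summary>Configuration handed to the constructor by the host.</summary>
    public IConfiguration Configuration { get; }

    /// <summary>Stores the injected configuration for use in <see cref="ConfigureServices"/>.</summary>
    /// <param name="configuration">Application configuration.</param>
    public Startup(IConfiguration configuration)
    {
        Configuration = configuration;
    }

    /// <summary>Registers framework and application services in the DI container.</summary>
    /// <param name="services">Service collection to populate.</param>
    /// <exception cref="System.InvalidOperationException">
    /// The "DefaultConnection" connection string is missing from configuration.
    /// </exception>
    public void ConfigureServices(IServiceCollection services)
    {
        // The connection string comes from configuration so that server and database names
        // (and any credentials added later) stay out of source control.
        var connectionString = Configuration.GetConnectionString("DefaultConnection");
        if (string.IsNullOrWhiteSpace(connectionString))
        {
            throw new System.InvalidOperationException(
                "Connection string 'DefaultConnection' is not configured.");
        }

        services.AddControllersWithViews();
        services.Configure<CookiePolicyOptions>(options =>
        {
            // This lambda determines whether user consent for non-essential cookies is needed for a given request.
            options.CheckConsentNeeded = context => true;
        });
        services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Latest);

        // "CookieAuth" is the default scheme, so a bare [Authorize] challenges through it and
        // unauthenticated requests are redirected to LoginPath.
        services.AddAuthentication("CookieAuth").AddCookie("CookieAuth", options =>
        {
            options.Cookie.Name = "CookieAuth";
            options.LoginPath = "/Secure/Login";
            // NOTE(review): with ExpireTimeSpan left unset the framework default ticket lifetime
            // applies; for an admin panel consider a shorter, explicit value.
            //options.ExpireTimeSpan = TimeSpan.FromHours(1);
            //options.AccessDeniedPath = "/Secure/Login";
            // NOTE(review): once the site is served over HTTPS only, consider setting
            // options.Cookie.SecurePolicy to CookieSecurePolicy.Always.
        });

        // NOTE(review): [Authorize] on an MVC controller does not cover Razor Pages. Pages that
        // must be private need their own [Authorize] or an AuthorizeFolder/AuthorizePage
        // convention; a fallback authorization policy is another way to require login by default.
        services.AddRazorPages();

        services.AddDbContext<ApplicationContext>(options =>
        {
            // NOTE(review): sensitive data logging writes query parameter values (which can
            // include credentials and personal data) to the logs; keep it to development only.
            options.EnableSensitiveDataLogging();
            options.UseSqlServer(connectionString);
        });

        services.AddScoped<IUnitOfWork, UnitOfWork>();
        services.AddScoped<IUsuarioBusiness, UsuarioBusiness>();
        services.AddScoped<IPistaBusiness, PistaBusiness>();
    }

    /// <summary>Builds the middleware pipeline.</summary>
    /// <param name="app">Application builder.</param>
    /// <param name="env">Hosting environment, used to pick the error-handling strategy.</param>
    public void Configure(IApplicationBuilder app, IHostingEnvironment env)
    {
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }
        else
        {
            app.UseExceptionHandler("/Home/Error");
            app.UseHsts();
        }

        app.UseHttpsRedirection();
        app.UseCookiePolicy();

        // Order matters: authentication and authorization must sit between routing and the
        // endpoints, with authentication first, so [Authorize] metadata is enforced.
        app.UseRouting();
        app.UseAuthentication();
        app.UseAuthorization();

        app.UseEndpoints(endpoints =>
        {
            endpoints.MapRazorPages();
            endpoints.MapControllerRoute(
                name: "default",
                pattern: "{controller=Home}/{action=Index}/{id?}");
        });
    }
}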
这是我的具有授权属性的控制器:
using Microsoft.AspNetCore.Authentication;
// NOTE(review): the only using shown with this snippet is Microsoft.AspNetCore.Authentication.
// Confirm that [Authorize] resolves to Microsoft.AspNetCore.Authorization.AuthorizeAttribute;
// an attribute of the same name from another namespace would not be enforced by
// UseAuthorization().
/// <summary>
/// Controller for the approvals area; the class-level [Authorize] requires an authenticated
/// user for every action.
/// </summary>
[Authorize]
public class AprovacoesController : Controller
{
    /// <summary>Renders the "Consulta" view with the result of the business-layer filter.</summary>
    /// <returns>The "Consulta" view bound to the filtered data.</returns>
    // The action-level attribute repeats what the class-level one already requires.
    [Authorize]
    public IActionResult Consultar()
    {
        return View("Consulta", _pistaBusiness.Filtrar());
    }
}
我认为我的登录身份验证是正确的,但还是把它贴在这里——LoginController:
/// <summary>
/// Handles the login form post: authenticates the submitted credentials and, on success,
/// issues the "CookieAuth" cookie and redirects to Home/Index.
/// </summary>
/// <param name="model">Credentials bound from the form.</param>
/// <returns>
/// A redirect to Home/Index on success; otherwise the login view (with an empty model and a
/// TempData error when authentication fails).
/// </returns>
// NOTE(review): no [ValidateAntiForgeryToken] is visible on this POST; confirm antiforgery
// validation is applied here or globally.
// NOTE(review): the cookie LoginPath is "/Secure/Login" and this action is POST-only, so a
// GET action on that route must exist elsewhere for the challenge redirect to land on.
[AllowAnonymous]
[HttpPost]
public async Task<IActionResult> Login(LoginDto model)
{
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    var usuario = this._usuarioBusiness.Autenticar(model);
    if (usuario == null)
    {
        // Same message for unknown user and wrong password, and a fresh model so the
        // submitted values are not echoed back into the form.
        TempData["ErroAutenticacao"] = "Usuário ou senha inválido";
        return View(new LoginDto());
    }

    // NOTE(review): Claim throws on a null value; confirm Nome and Login are always populated.
    Claim[] claims =
    {
        new Claim(ClaimTypes.NameIdentifier, usuario.IdUsuario.ToString()),
        new Claim(ClaimTypes.Name, usuario.Nome),
        new Claim(ClaimTypes.GivenName, usuario.Login)
    };

    // A non-empty authentication type is what marks the identity as authenticated.
    var principal = new ClaimsPrincipal(new ClaimsIdentity(claims, "CookieAuth"));
    await HttpContext.SignInAsync("CookieAuth", principal);

    // Fixed destination: no caller-supplied return URL is followed here.
    return RedirectToAction("Index", "Home");
}
/// <summary>
/// Signs the current user out of the "CookieAuth" scheme and redirects to the login page.
/// </summary>
/// <returns>A redirect to Secure/Login.</returns>
// NOTE(review): no HTTP verb attribute is present, so this action also answers GET requests;
// consider restricting it to POST with antiforgery validation so a third-party page cannot
// sign users out.
public async Task<IActionResult> Logout()
{
    const string scheme = "CookieAuth";
    await HttpContext.SignOutAsync(scheme);
    return RedirectToAction(actionName: "Login", controllerName: "Secure");
}
这是文件夹层次结构