Asp.net core 密码登录成功后用户未被授权SYNC
我使用Postman将请求发送到/api/account/login,用户登录,然后我将请求发送到/api/account/logout,它成功注销,但当我在前端执行此操作时,我填写登录表单并发送请求,我得到响应。好的,但当我尝试将请求发送到/api/account/logout时,它抛出401个未经授权的错误 我认为我的Startup.cs ConfigureServices方法有问题,但我不确定是什么问题Asp.net core 密码登录成功后用户未被授权SYNC,asp.net-core,authorization,asp.net-identity,react-redux,unauthorized,Asp.net Core,Authorization,Asp.net Identity,React Redux,Unauthorized,我使用Postman将请求发送到/api/account/login,用户登录,然后我将请求发送到/api/account/logout,它成功注销,但当我在前端执行此操作时,我填写登录表单并发送请求,我得到响应。好的,但当我尝试将请求发送到/api/account/logout时,它抛出401个未经授权的错误 我认为我的Startup.cs ConfigureServices方法有问题,但我不确定是什么问题 public void ConfigureServices(IServiceC
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc().AddJsonOptions(x =>
x.SerializerSettings.ReferenceLoopHandling =
Newtonsoft.Json.ReferenceLoopHandling.Ignore);
services.AddDbContext<AppDbContext>(options =>
options.UseSqlServer(Configuration.GetConnectionString("RemoteConnection")));
services.AddIdentity<User, Role>()
.AddEntityFrameworkStores<AppDbContext, int>()
.AddDefaultTokenProviders();
services.Configure<IdentityOptions>(options =>
{
options.Cookies.ApplicationCookie.AutomaticChallenge = false;
});
// services.AddScoped<UserGroupRepository, UserGroupRepository>();
services.AddScoped<IUnitOfWork, UnitOfWork>();
services.AddScoped<ISurveysRepository, SurveysRepository>();
services.AddScoped<IUsersRepository, UsersRepository>();
} // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseWebpackDevMiddleware(new WebpackDevMiddlewareOptions
{
HotModuleReplacement = true,
ReactHotModuleReplacement = true
});
}
app.UseStaticFiles();
app.UseIdentity();
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller=Home}/{action=Index}/{id?}");
routes.MapSpaFallbackRoute(
name: "spa-fallback",
defaults: new { controller = "Home", action = "Index" });
});
}
public void配置服务(IServiceCollection服务)
{
services.AddMvc().AddJsonOptions(x=>
x、 SerializerSettings.ReferenceLoopHandling=
Newtonsoft.Json.ReferenceLoopHandling.Ignore);
services.AddDbContext(选项=>
options.UseSqlServer(Configuration.GetConnectionString(“RemoteConnection”));
服务.额外性()
.AddEntityFrameworkStores()
.AddDefaultTokenProviders();
配置(选项=>
{
options.Cookies.applicationcokie.automaticcchallenge=false;
});
//services.addScope();
services.addScope();
services.addScope();
services.addScope();
}//此方法由运行时调用。使用此方法配置HTTP请求管道。
公共void配置(IApplicationBuilder应用程序、IHostingEnvironment环境、iLogger工厂)
{
loggerFactory.AddConsole(Configuration.GetSection(“Logging”);
loggerFactory.AddDebug();
if(env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseWebpackDevMiddleware(新的WebpackDevMiddlewareOptions
{
HotModuleReplacement=true,
ReactHotModuleReplacement=true
});
}
app.UseStaticFiles();
app.UseIdentity();
app.UseMvc(路由=>
{
routes.MapRoute(
名称:“默认”,
模板:“{controller=Home}/{action=Index}/{id?}”);
routes.MapSpaFallbackRoute(
名称:“水疗后援”,
默认值:新建{controller=“Home”,action=“Index”});
});
}
我注意到,当使用表单发送请求时,即使在这里,用户也没有得到授权
[HttpPost("login")]
public async Task<IActionResult> Login([FromBody] LoginRequest request)
{
if (!ModelState.IsValid)
{
return BadRequest(ModelState);
}
var result = await _signInManager.PasswordSignInAsync(request.UserName, request.Password, true, false);
if (!result.Succeeded)
{
return StatusCode((int)HttpStatusCode.Conflict, new ErrorResponse
{
ErrorMessage = "Invalid User Name or Password."
});
}
if (User.Identity.IsAuthenticated)
return NoContent();
else
return BadRequest(ModelState);
}
[HttpPost(“登录”)]
公共异步任务登录([FromBody]登录请求)
{
如果(!ModelState.IsValid)
{
返回请求(ModelState);
}
var result=await _signInManager.PasswordSignInAsync(request.UserName,request.Password,true,false);
如果(!result.successed)
{
返回状态码((int)HttpStatusCode.Conflict,新错误响应
{
ErrorMessage=“无效的用户名或密码。”
});
}
if(User.Identity.IsAuthenticated)
返回NoContent();
其他的
返回请求(ModelState);
}
是我的api.js performRequest方法中的一个错误,我错过了
credentials: 'include'
您的配置方法是什么?这是一个有趣的部分,因为中间件是在那里注册的,注册的顺序很重要,我添加了Configure方法