Cookies ASP.NET Core Razor Pages Cookie身份验证在成功登录后重定向到登录页面
我按照文章的内容从下载了示例 在VS 2017中运行样本。按照文档和代码中的指示打开“联系人”页面(受保护),使用在代码中使用简单字符串比较验证的凭据登录,如果调试,它将登录,这意味着它将在中添加用户主体及其声明,但重定向回登录页面,而不是联系人页面 配置服务:Cookies ASP.NET Core Razor Pages Cookie身份验证在成功登录后重定向到登录页面,cookies,asp.net-core,razor-pages,cookie-authentication,Cookies,Asp.net Core,Razor Pages,Cookie Authentication,我按照文章的内容从下载了示例 在VS 2017中运行样本。按照文档和代码中的指示打开“联系人”页面(受保护),使用在代码中使用简单字符串比较验证的凭据登录,如果调试,它将登录,这意味着它将在中添加用户主体及其声明,但重定向回登录页面,而不是联系人页面 配置服务: services.Configure<CookiePolicyOptions>(options => { options.CheckConsentNeeded =
services.Configure<CookiePolicyOptions>(options =>
{
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
});
services.AddMvc()
.AddRazorPagesOptions(options =>
{
options.Conventions.AuthorizePage("/Contact");
})
.SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
#region snippet1
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(options => options.ExpireTimeSpan = new System.TimeSpan(0, 10, 0));
#endregion
services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();
认证
#region snippet1
var claims = new List<Claim>
{
new Claim(ClaimTypes.Name, user.Email),
new Claim("FullName", user.FullName),
new Claim(ClaimTypes.Role, "Administrator"),
};
var claimsIdentity = new ClaimsIdentity(
claims, CookieAuthenticationDefaults.AuthenticationScheme, ClaimTypes.Name, ClaimTypes.Role);
var authProperties = new AuthenticationProperties
{
AllowRefresh = true,
// Refreshing the authentication session should be allowed.
ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(10),
// The time at which the authentication ticket expires. A
// value set here overrides the ExpireTimeSpan option of
// CookieAuthenticationOptions set with AddCookie.
IsPersistent = true,
// Whether the authentication session is persisted across
// multiple requests. Required when setting the
// ExpireTimeSpan option of CookieAuthenticationOptions
// set with AddCookie. Also required when setting
// ExpiresUtc.
//IssuedUtc = <DateTimeOffset>,
// The time at which the authentication ticket was issued.
//RedirectUri = <string>
// The full path or absolute URI to be used as an http
// redirect response value.
};
await HttpContext.SignInAsync(
CookieAuthenticationDefaults.AuthenticationScheme,
new ClaimsPrincipal(claimsIdentity),
authProperties);
#endregion
#区域片段1
var索赔=新列表
{
新索赔(ClaimTypes.Name、user.Email),
新声明(“全名”,user.FullName),
新索赔(ClaimTypes.Role,“管理员”),
};
var claimsIdentity=新的claimsIdentity(
声明,CookieAuthenticationDefaults.AuthenticationScheme,ClaimTypes.Name,ClaimTypes.Role);
var authProperties=新的AuthenticationProperties
{
AllowRefresh=true,
//应允许刷新身份验证会话。
ExpiresUtc=DateTimeOffset.UtcNow.AddMinutes(10),
//身份验证票证过期的时间。A
//此处设置的值覆盖的ExpireTimeSpan选项
//使用AddCookie设置Cookie AuthenticationOptions。
ispersist=true,
//验证会话是否在多个服务器上持久化
//多个请求。设置
//CookieAuthenticationOptions的ExpireTimeSpan选项
//使用AddCookie设置。设置时也是必需的
//到期UTC。
//IssuedUtc=,
//颁发身份验证票证的时间。
//重定向URI=
//要用作http的完整路径或绝对URI
//重定向响应值。
};
等待HttpContext.SignInAsync(
CookieAuthenticationDefaults.AuthenticationScheme,
新的索赔(索赔实体),
版权所有),;
#端区
然后我重定向到联系人页面,但返回到登录页面 在对该项目进行测试后,我可以用Chrome重现您的问题,它与Edge一起工作 要使其与Chrome一起工作,您可以转到
launchSettings.json
,并将iisExpress的sslPort
更改为44344
,而不是0
#region snippet1
var claims = new List<Claim>
{
new Claim(ClaimTypes.Name, user.Email),
new Claim("FullName", user.FullName),
new Claim(ClaimTypes.Role, "Administrator"),
};
var claimsIdentity = new ClaimsIdentity(
claims, CookieAuthenticationDefaults.AuthenticationScheme, ClaimTypes.Name, ClaimTypes.Role);
var authProperties = new AuthenticationProperties
{
AllowRefresh = true,
// Refreshing the authentication session should be allowed.
ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(10),
// The time at which the authentication ticket expires. A
// value set here overrides the ExpireTimeSpan option of
// CookieAuthenticationOptions set with AddCookie.
IsPersistent = true,
// Whether the authentication session is persisted across
// multiple requests. Required when setting the
// ExpireTimeSpan option of CookieAuthenticationOptions
// set with AddCookie. Also required when setting
// ExpiresUtc.
//IssuedUtc = <DateTimeOffset>,
// The time at which the authentication ticket was issued.
//RedirectUri = <string>
// The full path or absolute URI to be used as an http
// redirect response value.
};
await HttpContext.SignInAsync(
CookieAuthenticationDefaults.AuthenticationScheme,
new ClaimsPrincipal(claimsIdentity),
authProperties);
#endregion