C# 重定向操作启动新会话_C#_Asp.net Core_.net Core_Identityserver4_Two Factor Authentication

C# 重定向操作启动新会话

c# asp.net-core .net-core identityserver4

C# 重定向操作启动新会话,c#,asp.net-core,.net-core,identityserver4,two-factor-authentication,C#,Asp.net Core,.net Core,Identityserver4,Two Factor Authentication,我有一个在我的用户中登录的控制器。假设它是一个现有用户，并且密码正确，我检查他们是否启用了2fa AccountControler登录方法 public async Task<IActionResult> Login(LoginViewModel model, string returnUrl = null) { ViewData["ReturnUrl"] = returnUrl; if (ModelState.IsValid)

我有一个在我的用户中登录的控制器。假设它是一个现有用户，并且密码正确，我检查他们是否启用了2fa

AccountControler登录方法

public async Task<IActionResult> Login(LoginViewModel model, string returnUrl = null)
    {
        ViewData["ReturnUrl"] = returnUrl;
        if (ModelState.IsValid)
        {
            // This doesn't count login failures towards account lockout
            // To enable password failures to trigger account lockout, set lockoutOnFailure: true
            var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, _configurationSettings.LockoutOnFailure);
            if (result.Succeeded)
            {
                var user = await _userManager.FindByEmailAsync(model.Email);
                await _signInManager.SignInAsync(user, _configurationSettings.IsPersistent);
                _logger.LogInformation("User logged in.");
                return RedirectToLocal(returnUrl);
            }
            if (result.RequiresTwoFactor)
            {
                return RedirectToAction(nameof(LoginWith2fa), new { returnUrl, model.RememberMe });
            }
            if (result.IsLockedOut)
            {
                _logger.LogWarning("User account locked out.");
                return RedirectToAction(nameof(Lockout));
            }

            ModelState.AddModelError(string.Empty, "Invalid login attempt.");
            return View(model);
        }

        // If we got this far, something failed, redisplay form
        return View(model);
    }

如何调用RedirectToAction并保留相同的会话

我一直在关注这个项目

更新：关于HttpContext的评论
谢谢@muqeetkhan给我的提示。因为我使用的是自定义SignInManager，所以需要设置适当的会话cookies，以便将用户数据传播到下一页

public class ApplicationSignInManager : SignInManager<ApplicationUser> { private readonly ILogger _logger; public ApplicationSignInManager(UserManager<ApplicationUser> userManager, IHttpContextAccessor contextAccessor, IUserClaimsPrincipalFactory<ApplicationUser> claimsFactory, IOptions<IdentityOptions> optionsAccessor, ILogger<ApplicationSignInManager> logger, IAuthenticationSchemeProvider schemes) : base(userManager, contextAccessor, claimsFactory, optionsAccessor, logger, schemes) { _logger = logger; } public override async Task<SignInResult> PasswordSignInAsync(string userEmail, string password, bool isPersistent, bool shouldLockout) { if (UserManager == null) return SignInResult.Failed; var result = await new FindUserCommand(_logger, UserManager, userEmail, password, shouldLockout).Execute(); if (result != SignInResult.TwoFactorRequired) return result; var user = await UserManager.FindByEmailAsync(userEmail); return await SignInOrTwoFactorAsync(user, true); // Required sets the session Cookie } }

公共类应用程序SignInManager:SignInManager { 专用只读ILogger\u记录器；公共应用程序SigninManager（UserManager UserManager、IHttpContextAccessor contextAccessor、IUserClaimsPrincipalFactory claimsFactory、IOOptions Accessor、， ILogger logger、IAuthenticationSchemeProvider schemes）：基本（用户管理器、上下文访问器、claimsFactory、OptionAccessor、logger、schemes） { _记录器=记录器； } public override异步任务PasswordSignInAsync（字符串userEmail、字符串password、bool ispersist、bool shouldllockout） { if（UserManager==null）返回信号结果失败； var result=wait new FindUserCommand（_logger，UserManager，userEmail，password，shouldllockout）。Execute（）； if（result！=SignInResult.TwoFactorRequired）返回结果； var user=await UserManager.findbyemailsync（userEmail）； return wait SignInOrTwoFactorAsync（user，true）；//必需设置会话Cookie } }

基本上
SignInOrTwoFactorAsync（用户，true）。作用域请求仅适用于当前请求。通过使用RedirectToAction ，您将302发送回浏览器，然后浏览器会向您的新操作发出新请求，从而创建一个新范围。UseTwoFactorSignInCookie（…）是否存在于您的解决方案中？@Mackan我认为ASP.NET Core不需要这样做。@serpent5啊，Core。我太落后了。返回identity 2纯粹为了进行诊断，请查看运行wait HttpContext.authenticateSync（IdentityConstants.TwoFactorUserIdScheme）返回的值LoginWith2fa -这是null ？这是第一个调用，本质上是在gettwactorauthenticationuserasync中进行的第一个调用。 services.AddIdentity<ApplicationUser, IdentityRole<long>>() .AddEntityFrameworkStores<ApplicationDbContext>() .AddSignInManager<ApplicationSignInManager>() .AddDefaultTokenProviders(); public class ApplicationSignInManager : SignInManager<ApplicationUser> { private readonly ILogger _logger; public ApplicationSignInManager(UserManager<ApplicationUser> userManager, IHttpContextAccessor contextAccessor, IUserClaimsPrincipalFactory<ApplicationUser> claimsFactory, IOptions<IdentityOptions> optionsAccessor, ILogger<ApplicationSignInManager> logger, IAuthenticationSchemeProvider schemes) : base(userManager, contextAccessor, claimsFactory, optionsAccessor, logger, schemes) { _logger = logger; } public override async Task<SignInResult> PasswordSignInAsync(string userEmail, string password, bool isPersistent, bool shouldLockout) { if (UserManager == null) return SignInResult.Failed; var result = await new FindUserCommand(_logger, UserManager, userEmail, password, shouldLockout).Execute(); if (result != SignInResult.TwoFactorRequired) return result; var user = await UserManager.FindByEmailAsync(userEmail); return await SignInOrTwoFactorAsync(user, true); // Required sets the session Cookie } }