Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/csharp/283.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
C# Identity Core TwoFactorSignIn是否包含错误?_C#_Asp.net Core_Asp.net Identity_Asp.net Core Mvc - Fatal编程技术网
Fatal编程技术网
  • csharp/
  • C# Identity Core TwoFactorSignIn是否包含错误?

C# Identity Core TwoFactorSignIn是否包含错误?

c# asp.net-core asp.net-core-mvc

C# Identity Core TwoFactorSignIn是否包含错误?,c#,asp.net-core,asp.net-identity,asp.net-core-mvc,C#,Asp.net Core,Asp.net Identity,Asp.net Core Mvc,我已经在一个ASP.NET核心应用程序上工作了几个月。现在,在即将完成第一个测试版时,我意识到我没有启用双因素身份验证,现在我想我在Microsoft.AspNetCore.Identity的实现中发现了一个bug。如果我们查看如何检索用户,它会执行以下操作: /// <summary> /// Returns the User ID claim value if present otherwise returns null. /// </summary

我已经在一个ASP.NET核心应用程序上工作了几个月。现在,在即将完成第一个测试版时,我意识到我没有启用双因素身份验证,现在我想我在
Microsoft.AspNetCore.Identity
的实现中发现了一个bug。如果我们查看如何检索用户,它会执行以下操作:

    /// <summary>
    /// Returns the User ID claim value if present otherwise returns null.
    /// </summary>
    /// <param name="principal">The <see cref="ClaimsPrincipal"/> instance.</param>
    /// <returns>The User ID claim value, or null if the claim is not present.</returns>
    /// <remarks>The User ID claim is identified by <see cref="ClaimTypes.NameIdentifier"/>.</remarks>
    public virtual string GetUserId(ClaimsPrincipal principal)
    {
        if (principal == null)
        {
            throw new ArgumentNullException(nameof(principal));
        }
        return principal.FindFirstValue(Options.ClaimsIdentity.UserIdClaimType);
    }

    /// <summary>
    /// Returns the user corresponding to the IdentityOptions.ClaimsIdentity.UserIdClaimType claim in
    /// the principal or null.
    /// </summary>
    /// <param name="principal">The principal which contains the user id claim.</param>
    /// <returns>The user corresponding to the IdentityOptions.ClaimsIdentity.UserIdClaimType claim in
    /// the principal or null</returns>
    public virtual Task<TUser> GetUserAsync(ClaimsPrincipal principal)
    {
        if (principal == null)
        {
            throw new ArgumentNullException(nameof(principal));
        }
        var id = GetUserId(principal);
        return id == null ? Task.FromResult<TUser>(null) : FindByIdAsync(id);
    }
有关GitHub问题,请参见以下内容:

双因素登录如果成功,意味着下一个请求将具有 用户集。当前请求的身份验证已发生。 所有签名都不会对当前请求产生影响

解决方案是在调用TwoFactorSignInAsync后删除GetCurrentUserAsync方法,我错误地认为该方法立即登录到用户中。

如果您认为这是一个bug,请将其发布到ASP.NET Core Identity GitHub问题跟踪器上。StackOverflow不适合这种情况stuff@Tseng不确定这是否是一个bug,这可能是由于我如何设置标识。您仍然可以在那里询问,您将向开发人员说明。如果是bug,他们将标记该问题。如果这是一个错误的用法,他们可能会给你一个正确的,并关闭问题。在任何情况下,它都将被定向给开发人员,开发人员可以随时对其进行判断best@Camilo,我想这是你建议的用法。照别人的建议去做。将其发布在Github问题跟踪器上。团队将对其进行整理,每个人都可以从中受益。根据@Tseng建议,该问题将发布在GitHub上 
CookieAuthenticationOptions cookieOptions = new CookieAuthenticationOptions
{
   CookieHttpOnly = true,
   LoginPath = "/User/Login",
   CookieSecure = CookieSecurePolicy.Always,
   LogoutPath = "/User/Logout"
 };

 services.AddIdentity<User, Role>(options =>
 {
     options.Cookies.ApplicationCookie = cookieOptions;
     options.Cookies.ExternalCookie = cookieOptions;
     options.Cookies.TwoFactorRememberMeCookie = cookieOptions;
     options.Cookies.TwoFactorUserIdCookie = cookieOptions;

     options.Password = new PasswordOptions
     {
         RequiredLength = 8,
         RequireLowercase = true,
         RequireUppercase = true,
         RequireNonAlphanumeric = true
     };

     options.SignIn.RequireConfirmedEmail = true;
 })
 .AddUserStore<MyStore>()
 .AddRoleStore<MyStore>()
 .AddDefaultTokenProviders();