C# 设置cookie作为响应
我将OWIN授权添加到我的web项目中,我想在服务器将响应返回给用户时将令牌写入cookie中。我找不到如何做到这一点,目前服务器只返回令牌作为响应 在C# 设置cookie作为响应,c#,owin,C#,Owin,我将OWIN授权添加到我的web项目中,我想在服务器将响应返回给用户时将令牌写入cookie中。我找不到如何做到这一点,目前服务器只返回令牌作为响应 在Startup.cs中我有: public void Configuration(IAppBuilder app) { // Enable CORS (cross origin resource sharing) for making request using browser from di
Startup.cs中
我有:
public void Configuration(IAppBuilder app)
{
// Enable CORS (cross origin resource sharing) for making request using browser from different domains
app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll);
OAuthAuthorizationServerOptions options = new OAuthAuthorizationServerOptions
{
AllowInsecureHttp = true,
//The Path For generating the Toekn
TokenEndpointPath = new PathString("/login"),
//Setting the Token Expired Time (24 hours)
AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
//MyAuthorizationServerProvider class will validate the user credentials
Provider = new AuthorizationServerProvider()
};
//Token Generations
app.UseOAuthAuthorizationServer(options);
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
app.Use(typeof(LoggingMiddleware));
HttpConfiguration config = new HttpConfiguration();
WebApiConfig.Register(config);
}
而且,AuthorizationServerProvider
看起来像:
public class AuthorizationServerProvider : OAuthAuthorizationServerProvider
{
public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
{
context.Validated();
}
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
using (UserMasterRepository _repo = new UserMasterRepository())
{
var user = await _repo.ValidateUser(context.UserName, context.Password);
if (user == null)
{
context.SetError("invalid_grant", "The user name or password is incorrect.");
context.Rejected();
return;
}
var identity = new ClaimsIdentity(context.Options.AuthenticationType);
identity.AddClaim(new Claim(ClaimTypes.Role, user.UserRoles));
identity.AddClaim(new Claim(ClaimTypes.Name, user.UserName));
identity.AddClaim(new Claim("Email", user.UserEmailID));
context.Validated(identity);
}
}
}
我真的不确定你是否有权访问HttpContext中的响应。但如果你这样做了,这个问题的答案可能会有所帮助-