您的位置: 首页  >  技术问答  >  Asp.Net MVC核心和标识3

Asp.Net MVC核心和标识3

分类: 技术问答 2022-06-08 15:36:21
问题描述:

我有一个使用vnext/core 1.0的站点设置,它使用Identity 3进行身份验证。我可以创建用户,我可以更改密码,我可以很好地登录。问题是,它似乎忽略了ExpireTimespan属性,因为我在一段时间后被随机踢出了应用程序,而我正在努力达到它的底部。Asp.Net MVC核心和标识3

我有我自己的userstore和的UserManager

public IServiceProvider ConfigureServices(IServiceCollection services) 
{ 
    ... 

    services.AddIdentity<Domain.Models.User, Domain.Models.UserRole>() 
       .AddUserStore<UserStore>() 
       .AddRoleStore<RoleStore>() 
       .AddUserManager<MyUserManager>()     
       .AddDefaultTokenProviders(); 

    ... 

} 

public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory) 
     { 
... 

app.UseMyIdentity(); 

... 
} 


public static IApplicationBuilder UseMyIdentity(this IApplicationBuilder app) 
     { 
      if (app == null) 
      { 
       throw new ArgumentNullException(nameof(app)); 
      } 

      var marker = app.ApplicationServices.GetService<IdentityMarkerService>(); 
      if (marker == null) 
      { 
       throw new InvalidOperationException("MustCallAddIdentity"); 
      } 

      var options = app.ApplicationServices.GetRequiredService<IOptions<IdentityOptions>>().Value; 

      app.UseCookieAuthentication(options.Cookies.ExternalCookie); 
      app.UseCookieAuthentication(options.Cookies.TwoFactorRememberMeCookie); 
      app.UseCookieAuthentication(options.Cookies.TwoFactorUserIdCookie); 
      CookieAuthenticationOptions appCookie = options.Cookies.ApplicationCookie; 

      appCookie.LoginPath = new Microsoft.AspNet.Http.PathString("/Login"); 
      appCookie.SlidingExpiration = true; 
      appCookie.ExpireTimeSpan = TimeSpan.FromHours(8); 
      appCookie.CookieName = "MyWebApp"; 

      app.UseCookieAuthentication(appCookie); 
      return app; 
     }

登录控制器

var user = await userManager.FindByNameAsync(model.Username); 

      if (user != null) 
      { 
       SignInResult result = await signInManager.PasswordSignInAsync(user, model.Password, false, false); 

       if (result.Succeeded) 
       { 
        RedirectToActionPermanent("Index", "Home"); 
       }     
      }

见我的问题在这里:经历了 ASP.NET Core 1.0 - MVC 6 - Cookie Expiration

我遇到了同样的问题,花了几个小时在github上的aspnet身份验证的操作系统代码:-)

您的自定义UserManager必须执行Get/UpdateSecurityStampAsync

public class MyUserManager:UserManager<MinervaUser> 
{ 
... 
    public override bool SupportsUserSecurityStamp 
    { 
     get 
     { 
      return true; 
     } 
    } 
    public override async Task<string> GetSecurityStampAsync(MinervaUser user) 
    { 
     // Todo: Implement something useful here! 
     return "Token"; 
    } 

    public override async Task<IdentityResult> UpdateSecurityStampAsync(MinervaUser user) 
    { 
     // Todo: Implement something useful here! 
     return IdentityResult.Success; 
    }
+0

感谢回复@mcb。我最终设置了自己的ClaimsIdentity,结果比使用身份更简单和容易,他们在mvc6方面做得非常好:https://docs.asp.net/en/latest/security/authentication/cookie .html – Phil

+0

是的,从昨天开始,RC2就有文档[链接](https://docs.asp.net/en/latest/security/authentication/cookie.html)。仍然不会介意,如果你接受答案:-) – mcb

相关推荐