OWIN鉴权不鉴权
本文关键字:OWIN | 更新日期: 2023-09-27 18:01:16
我是OWIN身份验证的新手,我正试图获得(看似)基本的工作。
当我发布到我的登录动作"_signInManager. .PasswordSignInAsync"返回成功,但我的IPrincipal用户似乎没有更新。另外,如果我执行单独的测试(即执行userManager。FindByEmail和做登录计数,或尝试SignInManager.GetVerifiedUserId)我没有得到任何成功登录尝试的历史。因此,当重定向发生时,.net已经忘记了登录的用户,并表现得好像它从未经过身份验证,我不知道为什么。
值得注意的是,我的Identity是一个独立的解决方案,由主解决方案引用。
<标题>主要解决方案:账户控制器:
private ApplicationSignInManager _signInManager;
private ApplicationUserManager _userManager;
public AccountController()
{
_userManager = OwinContext.GetApplicationUserManager();
_signInManager = OwinContext.GetApplicationSignInManager();
}
public AccountController(ApplicationUserManager userManager, ApplicationSignInManager signInManager)
{
_userManager = userManager;
_signInManager = signInManager;
}
***Other methods***
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public async Task<ActionResult> Login(Login model, string returnUrl)
{
if (!ModelState.IsValid)
{
return View(model);
}
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, change to shouldLockout: true
var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: false);
switch (OwinContext.SignInResult(result))
{
case OwinContext.SignInStatus.Success:
if (User.IsInRole("Admin") || User.IsInRole("SuperAdmin"))
{
return RedirectToAction("UserList");
}
return RedirectToLocal(returnUrl);
case OwinContext.SignInStatus.LockedOut:
return View("Lockout");
case OwinContext.SignInStatus.RequiresVerification:
return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
case OwinContext.SignInStatus.Failure:
default:
ModelState.AddModelError("", "Invalid login attempt.");
return View(model);
}
}
private static IOwinContext GetOwinContext()
{
return HttpContextWrapper.GetCurrentContext().GetOwinContext();
}
public static ApplicationSignInManager GetApplicationSignInManager()
{
var applicationSignInManager = GetOwinContext().Get<ApplicationSignInManager>();
return applicationSignInManager;
}
Startup.cs
using System.Data.Entity;
using Microsoft.Owin;
using Owin;
using Shared_Identity.IdentityConfig;
using Shared_Identity.Models.Context;
namespace Shared_Identity
{
public partial class Startup
{
public void Configuration(IAppBuilder app)
{
//ConfigureAuth(app);
Database.SetInitializer<SharedIdentity>(null);
app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);
app.CreatePerOwinContext<ApplicationRoleManager>(ApplicationRoleManager.Create);
app.CreatePerOwinContext<ApplicationSignInManager>(ApplicationSignInManager.Create);
}
}
}
我试过了:
https://stackoverflow.com/a/27282956/4046026
https://stackoverflow.com/a/30734550/4046026 -(确认DB连接字符串正确)
https://stackoverflow.com/a/24643382/4046026
https://stackoverflow.com/a/27500097/4046026
随着看一些杂项教程从谷歌,但无处不在似乎建议这应该是直截了当的。我可能错过了一些简单的东西,或者有一个概念上的问题。
郝坤在https://stackoverflow.com/a/19102266/4046026上的回答解决了我的问题。
专:
你需要在Startup.Auth.cs中做以下修改:
app.UseCookieAuthentication(new CookieAuthenticationOptions {
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login")
});