Asp.Net核心“记住我"部署后永久性Cookie无效 [英] Asp.Net core "remember me" persistent cookie not works after deploy
本文介绍了Asp.Net核心“记住我"部署后永久性Cookie无效的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我已经构建了一个MVC Core(框架)应用程序,并且使用Identity登录. 当我单击记住我"选项时,在我的开发计算机上一切正常,但是在服务器计算机上部署后,记住我"在30分钟后仍无法保持登录状态.
I've built an MVC Core (Framework) application and I use Identity to login. When I click "Remember me" option all is ok on my develop machine, but after deploy on server machine, "remember me" doesn't maintain login after 30 minutes.
我试图检查cookie的到期日期是否已设置并且似乎还可以,而且在服务器计算机上,cookie的设置似乎也不错. 您可以在下图中看到我的cookie详细信息:
I tried to check if cookie expiry date is set and seems to be ok, also on server machine the cookie seems well set. You can see my cookies detail in following image:
有人可以帮我解决这个问题吗?
Can anyone help me to solve this issue?
在此先感谢您的答复:)
Thanks in advance for your reply :)
根据Orhun的要求,我在Startup.cs内容下方添加:
As required by Orhun, I add below my Startup.cs content:
public partial class Startup
{
public SymmetricSecurityKey signingKey;
public Startup(IHostingEnvironment env)
{
var builder = new ConfigurationBuilder()
.SetBasePath(env.ContentRootPath)
.AddJsonFile("appsettings.json", optional: false, reloadOnChange: true)
.AddJsonFile($"appsettings.{env.EnvironmentName}.json", optional: true);
if (env.IsDevelopment())
{
// For more details on using the user secret store see https://go.microsoft.com/fwlink/?LinkID=532709
builder.AddUserSecrets<Startup>();
}
builder.AddEnvironmentVariables();
Configuration = builder.Build();
}
public IConfigurationRoot Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
///////////////////////////
// Custom Services - START
///////////////////////////
string conn = CreateConnectionString(Configuration.GetConnectionString("TiesseWebConnection"));
services.AddScoped<System.Data.Entity.DbContext>((_) => new TiesseWeb.DAL.TiesseWebEntities(conn)); //Configuration["Data:DefaultConnection:ConnectionString"]));
// SESSION section
services.AddMemoryCache();
services.AddDistributedMemoryCache();
services.AddSession();
services.AddSingleton<IConfiguration>(Configuration); // IConfiguration explicitly
// Add functionality to inject IOptions<T> (important for inject Config object)
services.AddOptions();
// Add our Config object so it can be injected
services.Configure<Settings>(Configuration.GetSection("Settings"));
// Add our Config object so it can be injected
services.AddScoped<Settings>();
services.AddScoped<Tiesse.Web.BL.TiesseWebManager>();
///////////////////////////
// Custom Services - END
///////////////////////////
// Add framework services.
services.AddDbContext<ApplicationDbContext>(options =>
options.UseSqlServer(Configuration.GetConnectionString("TiesseWebConnection")));
services.AddIdentity<ApplicationUser, ApplicationRole>(i =>
{
i.SecurityStampValidationInterval = TimeSpan.FromDays(14);
//i.Cookies.ApplicationCookie.ExpireTimeSpan = TimeSpan.FromDays(14);
})
//services.AddIdentity<ApplicationUser, ApplicationRole>()//IdentityRole>()
.AddEntityFrameworkStores<ApplicationDbContext, int>()
.AddDefaultTokenProviders();
services.AddMvc().AddJsonOptions(jsonOptions =>
{
jsonOptions.SerializerSettings.NullValueHandling = Newtonsoft.Json.NullValueHandling.Ignore;
}); ;
// Add application services.
services.AddTransient<IEmailSender, AuthMessageSender>();
services.AddTransient<ISmsSender, AuthMessageSender>();
// Adds Authorizations
services.AddAuthorization(options =>
{
options.AddPolicy("Admin", policy => policy.RequireClaim("Admin"));
options.AddPolicy("Admin-Utenti", policy => policy.RequireClaim("Admin-Utenti"));
options.AddPolicy("Admin-Filiali", policy => policy.RequireClaim("Admin-Filiali"));
options.AddPolicy("Admin-Reparti", policy => policy.RequireClaim("Admin-Reparti"));
options.AddPolicy("GoogleDrive", policy => policy.RequireClaim("GoogleDrive"));
options.AddPolicy("GoogleDrive-Gestione", policy => policy.RequireClaim("GoogleDrive-Gestione"));
options.AddPolicy("GoogleDrive-Gestione-Struttura", policy => policy.RequireClaim("GoogleDrive-Gestione-Struttura"));
options.AddPolicy("GoogleDrive-Consultazione", policy => policy.RequireClaim("GoogleDrive-Consultazione"));
options.AddPolicy("Reports", policy => policy.RequireClaim("Reports"));
options.AddPolicy("Reports-Test", policy => policy.RequireClaim("Reports-Test"));
});
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
// Custom settings
app.UseSession();
//// configures Bearer token Authentication
//ConfigureAuth(app);
///////////////////
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseDatabaseErrorPage();
app.UseBrowserLink();
}
else
{
app.UseExceptionHandler("/Home/Error");
//app.UseDeveloperExceptionPage();
//app.UseDatabaseErrorPage();
//app.UseBrowserLink();
}
app.UseStaticFiles();
app.UseIdentity();
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
//CookieName = "MyWebCookie",
//CookieDomain = "http://devweb01:81", // uncomment when deploy
CookieHttpOnly = true,
CookieSecure = CookieSecurePolicy.Always,
ExpireTimeSpan = TimeSpan.FromDays(30),
SlidingExpiration = true,
AutomaticAuthenticate = true,
AutomaticChallenge = true
//AuthenticationScheme = "MyeWebCookie"
});
app.UseGoogleAuthentication(new GoogleOptions()
{
// following Goggle Secrets data have been hardcoded because Configuration with Secrets.json works only in development environment
ClientId = "XXXXXXX....",
ClientSecret = "XXXXXXX....",
AutomaticAuthenticate = true
//SignInScheme = "MyWebCookie"
});
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller=Home}/{action=Index}/{id?}");
});
}
#region Methods
public static string CreateConnectionString(string providerConnectionString)
{
var entityBuilder = new EntityConnectionStringBuilder();
// use your ADO.NET connection string
entityBuilder.ProviderConnectionString = providerConnectionString;
entityBuilder.Provider = "System.Data.SqlClient";
// Set the Metadata location.
entityBuilder.Metadata = @"res://*/TiesseWebDB.csdl|res://*/TiesseWebDB.ssdl|res://*/TiesseWebDB.msl";
return entityBuilder.ConnectionString;
}
#endregion
}
推荐答案
我遇到了同样的问题.我无法解决很长一段时间.但是几天前我找到了解决方案.正如您在评论中提到的那样,问题出在机器钥匙上.我不知道为什么,但是应用程序每次重新启动时都会生成新的机器密钥.因此解决问题的方法是强制应用程序使用常量密钥.为此,您需要在启动时添加如下代码:
I faced same issue. I couldn't solve it for a long time. But few days ago I found solution. As you mentioned in comments the problem is machine key. I don't know why, but application generates new machine key every time when it has been restarted. So way to solve problem is to force application to use constant key. To do it you need to add code like this in startup:
public void ConfigureServices(IServiceCollection services)
{
var environment = services.BuildServiceProvider().GetRequiredService<IHostingEnvironment>();
services.AddDataProtection()
.SetApplicationName($"my-app-{environment.EnvironmentName}")
.PersistKeysToFileSystem(new DirectoryInfo($@"{environment.ContentRootPath}\keys"));
...
}
在"key"文件夹中启动应用程序后,您将找到包含机器密钥的xml.您可以在此处
After application's start in "key" folder you will find xml which contains your machine key. More details you can find here
这篇关于Asp.Net核心“记住我"部署后永久性Cookie无效的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
