IdentityServer的基于角度的登录页面 [英] Angular-based login page for IdentityServer

问题描述

我正在使用Asp.Net Core开发具有angular和后端的前端应用程序，其中包含用于身份验证的IdentityServer4(基于此

I'm developing a frontend app with angular and a backend with Asp.Net Core, which contains and IdentityServer4 for authentication (based on this github project).

此刻，我正在登录IdentityServer的登录页面，但我想使用以角度开发的自定义登录页面，而不是使用IdentityServer的登录页面，而是使用AccountController的登录服务.

At the moment I'm logging in the IdentityServer's login page, but I want to use a custom login page developed in angular instead of using the IdentityServer's login page, instead using the login service of the AccountController.

我可以通过Angular应用程序中的http请求来调用此服务，但是我无法获得 _signInManager.PasswordSignInAsync 函数生成的访问jwt令牌.这可能吗?我一直在搜索，但没有找到明确的解决方案.

I can call this service via http request from Angular app, but I cannot obtain the access jwt token generated by the _signInManager.PasswordSignInAsync function. Is this possible? I've been searching, but I've not found a clear solution.

推荐答案

您必须问自己一些问题.您真的需要IdentityServer吗?您需要单独的登录申请吗?

You have to ask yourself something. Do you really need IdentityServer? Do you require a separate application for login?

一个有效的答案是，如果您需要SSO.因为您可以完美地将整个快速入门模板从ASP.Net MVC更改为Angular前端和webapi.

A valid answer would be if you need it for SSO. Because you can perfectly change the whole quick start template from ASP.Net MVC to a Angular frontend and a webapi.

但是我有一种感觉，您希望将您的登录页面与您的应用程序前端集成在一起.从OAuth的角度来看，这没有多大意义.因为idsrv被构建为单独的应用程序.

But I have a feeling you want to integrate your login page with your application front end. This doesn't make much sense from and OAuth view point. Because idsrv is built to be a separate application.

例如，Google登录页面位于单独的域上，因此其他应用程序(如Stackoverflow)使用该登录项来检查您是否已通过身份验证.如果您将此功能再次移至应用程序(在本例中为Stackoverflow)，您将一无所获.

For example the Google login page is on a seperate domain so other applications (Like Stackoverflow) use that one to check if you are authenicated. If you would move this functionality again to the application (in this case Stackoverflow) you wouldn't have gained anything.

您当然可以使用PasswordCredential流.但是，如果您只有一个应用程序，则可能仅将身份服务器用于JWT生成.而且您可以做更多的simpeler.

You can ofcourse use the PasswordCredential flow. But if you only have one application than you are probably using identity server only for the JWT generation. And you can do this more simpeler.

那么您能提供一些有关您的体系结构的更多信息吗?

So can you give a little bit more information about your architecture?

(这应该是一个问题而不是答案，但是要花很长时间...)

(This should be a question instead of an answer but it's to long...)

这篇关于IdentityServer的基于角度的登录页面的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！