部署后 ASP.Net Core Identity 登录状态丢失 [英] ASP.Net Core Identity login status lost after deploy

问题描述

我正在使用 ASP.Net Core 和 MS Identity，我试图了解为什么每次部署后登录用户都被注销.我在 IIS 8.5 上运行

I am using ASP.Net Core and MS Identity, I try to understand why after each deployment the login users are logged out. I am running on a IIS 8.5

我一直在尝试这个线程中的方法(设置静态机器密钥)ASP.NET Identity 2 部署后重新登录通过在 IIS UI 中的服务器级别生成静态密钥并将以下内容添加到网站的 web.config 中:

I have been trying the method in this thread (setting static machine key) ASP.NET Identity 2 relogin after deploy by generating static keys at the server level in IIS UI and adding the following to web.config of the website:

<system.web>
    <machineKey validationKey="XXX"
        decryptionKey="XXX"
        validation="SHA1" decryption="AES"/>
</system.web>

然而问题依然存在:

• 用户登录
• 停止站点
• 开始网站
• 用户需要重新登录

但我也这样做:

• 用户登录
• 重启网站
• 用户仍处于登录状态

什么会导致用户注销?关于如何避免这种情况的任何想法?

What can cause the user to be logged off? Any idea on how to avoid that?

推荐答案

(解决方案在 Chris 评论后拆分为单独的答案)

(solution split into a separate answer following Chris comment)

我找到了一个保持登录状态的解决方案，它在网站停止/启动后仍然存在，并且网站源文件夹的更新:

I found a solution to keep the login status, it survives website stop/start, and an update of the website source folder:

public void ConfigureServices(IServiceCollection services)
{
    services.AddDataProtection()
            // This helps surviving a restart: a same app will find back its keys. Just ensure to create the folder.
            .PersistKeysToFileSystem(new DirectoryInfo("\MyFolder\keys\"))
            // This helps surviving a site update: each app has its own store, building the site creates a new app
            .SetApplicationName("MyWebsite")
            .SetDefaultKeyLifetime(TimeSpan.FromDays(90));
}

使用这些额外的行和机器密钥设置后，登录数据在站点停止/启动和 IIS 服务器重新启动后以及站点重建后仍会保留.

With these additional lines and the machine key set, the login data stays after site stop/start and IIS server restart, and if the site is rebuilt.

更多信息:https://docs.microsoft.com/en-us/aspnet/core/security/data-protection/configuration/overview

justserega 提出的更多建议:https://docs.microsoft.com/en-us/aspnet/core/host-and-deploy/iis/advanced?view=aspnetcore-6.0#data-protection

More proposed by justserega: https://docs.microsoft.com/en-us/aspnet/core/host-and-deploy/iis/advanced?view=aspnetcore-6.0#data-protection

这篇关于部署后 ASP.Net Core Identity 登录状态丢失的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！