如何正确使用ServiceStack验证在ASP.Net MVC控制器 [英] How to use ServiceStack authentication correctly in ASP.Net MVC controller

问题描述

我在遇到问题越来越ServiceStack [验证]属性在ASP.Net MVC4控制器页/ action方法与属性的工作不断将用户重定向到的登录信息是否正确提交后连登录页面。

I'm having problem with getting ServiceStack [Authentication] attribute to work in ASP.Net MVC4 controller, pages / action methods with the attribute keep redirecting Users to the login page even after the login details are submitted correctly.

我跟着SocialBootstrapApi例如，不同之处在于所有验证Web服务调用是由控制器制作：

I've followed the SocialBootstrapApi example, with the difference being that all the authentication web service calls are made from the controllers:

this.CreateRestClient().Post<RegistrationResponse>("/register", model);

这是我到目前为止做其他的事情：

Other things that I've done so far:

• 使用我自己的用户会话实现子类AuthUserSession（从这个例子也差不太多，但使用我自己的实现用户表）


• 继承ServiceStackController我BaseController，覆盖默认登录URL


• 我的用户会话执行启用APPHOST验证功能

登记不工作，用户身份验证逻辑工作（即使会话不坚持），我可以看到 SS-ID 和 SS -pid 饼干中的要求。

Registration does work, user auth logic works (even though the session does not persist), and I can see the ss-id and ss-pid cookies in the request.

所以我的完整的问题清单：

So my complete list of questions:

1. 如何让[授权]属性的工作（或者，我做了什么错）？


2. 如何保存在MVC控制器重用用户会话？目前 this.UserSession 总是空。


3. 如何注销用户？ this.CreateRestClient（）获取＆LT; AuthResponse＆GT;（/认证/注销）; 似乎不工作

1. How do I make the [Authenticate] attribute work (or, what did I do wrong)?
2. How do I save and reuse the user session in an MVC controller? At the moment this.UserSession is always null.
3. How do I logout a user? this.CreateRestClient().Get<AuthResponse>("/auth/logout"); does not seem to work.

更新1：

该会话cookie（ SS-ID 和 SS-PID ）被当我尝试加载安全网页（那些创建与[授权]属性），在此之前任何凭据得到提交。这是预期的行为？

---

Update 1:
The session cookies (ss-id and ss-pid) gets created when I attempt to load the secured page (ones with [Authenticate] attribute), before any credentials get submitted. Is this the expected behaviour?

更新2：

我可以看到会话保存在 MemoryCacheClient ，但试图通过 this.Cache.Get＆LT在主控制器进行检索; CustomUserSession＆GT;（SessionKey ）返回null（其中SessionKey就像是：金塔：iauthsession：1 ）

Update 2:
I can see that the session is saved in MemoryCacheClient, however trying to retrieve it in the base controller via this.Cache.Get<CustomUserSession>(SessionKey) returns null (where SessionKey is like: urn:iauthsession:1)

推荐答案

多摆弄周围，显然勾ServiceStack认证方式后可通过拨打AuthService：

After much fiddling around, apparently the way to hook ServiceStack authentication is to call the AuthService via:

try {
    authResponse = AuthService.Authenticate(new Auth{ UserName = model.UserName, Continue = returnUrl, Password = model.Password });
} catch (Exception ex) {
    // Cut for brevity...
}

和不可以 authResponse = this.CreateRestClient（）发表＆LT; AuthResponse＆GT;（/认证/资格证书，模型）;！

其中， AuthService 在基控制器的定义是：

Where AuthService is defined in the base controller as:

public AuthService AuthService
{
    get
    {
        var authService = ServiceStack.WebHost.Endpoints.AppHostBase.Instance.Container.Resolve<AuthService>();
        authService.RequestContext = new HttpRequestContext(
            System.Web.HttpContext.Current.Request.ToRequest(),
            System.Web.HttpContext.Current.Response.ToResponse(),
            null);

        return authService;
    }
}

其他的一切（包括会话）现在可以正常工作。

Everything else (incl. session) works correctly now.

这篇关于如何正确使用ServiceStack验证在ASP.Net MVC控制器的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！