ASP.NET核心身份和饼干 [英] ASP.NET Core Identity & Cookies
问题描述
我有一个使用AspNetCore.Identity.EntityFrameworkCore 1.1.1和cookie来授权/验证我的用户的ASP.NET Core网站.不管我在下面的代码中选择什么设置,cookie都会在20分钟后过期,我不知道为什么.除非您关闭浏览器并清除历史记录/Cookie,否则网站将无法正常工作.有什么想法吗?
I have an ASP.NET Core site using AspNetCore.Identity.EntityFrameworkCore 1.1.1 and cookies to authorize/authenticate my users. No matter what I choose as my setting in the code below, the cookie expires after about 20 minutes and I can't figure why. The website will then no longer work unless you close the browser and clear the history/cookies. Any ideas?
services.AddIdentity<ApplicationUser, IdentityRole>(config =>
{
// Require a confirmed email in order to log in
config.SignIn.RequireConfirmedEmail = true;
})
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddDefaultTokenProviders();
app.UseIdentity();
// Add cookie middleware to the configure an identity request and persist it to a cookie.
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationScheme = "Cookie",
LoginPath = new PathString("/Account/Login/"),
AccessDeniedPath = new PathString("/Account/Forbidden/"),
AutomaticAuthenticate = true,
AutomaticChallenge = true,
ExpireTimeSpan = TimeSpan.FromMinutes(20),
SlidingExpiration = true,
});
我还有一些剃须刀代码,用于控制是否在_layout页面上显示管理菜单.当Cookie过期时,这会崩溃,因为用户突然没有任何声明.有更好的方法来解决这个问题吗?
I also have some razor code that controls whether to show the admin menu on the _layout page. This crashes when the cookie expires as the users suddenly has no claims. Is there a better way to handle this?
// If user is admin then show drop down with admin navigation
@if (User.HasClaim(System.Security.Claims.ClaimTypes.Role, "admin"))
{
<ul class="nav navbar-nav">
@*etc*@
</ul>
}
推荐答案
在使用ASPNET身份时,您不需要单独的CookieAuthentication中间件. UseIdentity()
将为您执行此操作并生成一个cookie.您可以像这样在应用程序的AddIdentity块中设置"cookie options"
:
You do not need a separate CookieAuthentication middleware when you are using ASPNET identity. UseIdentity()
will do that for you and generate a cookie. You can set the "cookie options"
in the AddIdentity block of the application like so:
services.AddIdentity<ApplicationUser, IdentityRole>(config =>
{
// Require a confirmed email in order to log in
config.SignIn.RequireConfirmedEmail = true;
// Your Cookie settings
config.Cookies.ApplicationCookie.ExpireTimeSpan = TimeSpan.FromDays(1);
config.Cookies.ApplicationCookie.LoginPath = "/Account/LogIn";
config.Cookies.ApplicationCookie.LogoutPath = "/Account/LogOut";
}).AddEntityFrameworkStores<ApplicationDbContext().AddDefaultTokenProviders();
此外,请查看 https://stackoverflow.com/a/34981457/1137785 这种场景的背景,并有很好的解释.
Also, take a look at https://stackoverflow.com/a/34981457/1137785, it gives a background of this sort of a scenario with a very good explanation.
这篇关于ASP.NET核心身份和饼干的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!