I'm attempting to implement a web app using a microservice architecture by breaking up major components into separate web servers. I'm implementing an authentication serve
I've done something similar by doing the following (using cookie authentication):
1 - set the cookie domain to be the TLD across all websites
My Startup.Auth.cs looks like this:

    app.UseCookieAuthentication(new CookieAuthenticationOptions
    {
        AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
        LoginPath = new PathString("/Account/Login"),
        Provider = new CookieAuthenticationProvider
        {
            // Re-validate the user's security stamp every 30 minutes
            OnValidateIdentity = SecurityStampValidator.OnValidateIdentity(
                validateInterval: TimeSpan.FromMinutes(30),
                regenerateIdentity: (manager, user) => {
                    var identity = manager.CreateIdentity(user, DefaultAuthenticationTypes.ApplicationCookie);
                    // some additional claims and stuff specific to my needs
                    return Task.FromResult(identity);
                })
        },
        // Scope the cookie to the parent domain so it is sent to every *.example.com site
        CookieDomain = ".example.com"
    });

2 - update the web.config of all websites to use the same
Mine looks like this:
Now I can perform login operations on, say, account.example.com, and redirect the user to site1.example.com and they will be seen as authenticated.
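
Step 1 works because of how browsers scope cookies: a cookie with Domain=.example.com is sent to example.com and to every host beneath it, not only to the sites that were configured to accept it. The following is an added example, not code from the answer: a small JavaScript model of RFC 6265 domain-matching, with hypothetical function names and a constructed host list, that can be run over a host inventory to see which hosts will receive the authentication cookie.

```javascript
// Added example: models RFC 6265 domain-matching (section 5.1.3).
// Function names and the host list are hypothetical / constructed.

// Normalise a Domain attribute the way user agents do: lower-case it and
// ignore one leading dot (RFC 6265 section 5.2.3).
function normalizeCookieDomain(domainAttr) {
  const d = domainAttr.trim().toLowerCase();
  return d.startsWith('.') ? d.slice(1) : d;
}

// IP literals only ever match a cookie domain exactly, never as a suffix.
function isIpLiteral(host) {
  return /^\d{1,3}(\.\d{1,3}){3}$/.test(host) || host.includes(':');
}

// True when a request to `host` would carry a cookie scoped to `domainAttr`.
function receivesCookie(host, domainAttr) {
  const h = host.trim().toLowerCase();
  const d = normalizeCookieDomain(domainAttr);
  // An empty Domain means a host-only cookie, which this helper does not model.
  if (d === '') return false;
  if (h === d) return true;            // exact match
  if (isIpLiteral(h)) return false;
  return h.endsWith('.' + d);          // suffix match on a label boundary
}

// Split a host inventory into hosts inside and outside the cookie's scope.
function auditCookieScope(hosts, domainAttr) {
  const inScope = [];
  const outOfScope = [];
  for (const host of hosts) {
    (receivesCookie(host, domainAttr) ? inScope : outOfScope).push(host);
  }
  return { inScope, outOfScope };
}

// Constructed inventory: the two sites from the answer plus hosts that
// exercise the edge cases (nested subdomain, look-alike suffix, IP literal).
const SAMPLE_HOSTS = [
  'account.example.com', 'site1.example.com', 'example.com',
  'legacy.dev.example.com', 'notexample.com', 'example.com.invalid',
  '192.0.2.10',
];

const report = auditCookieScope(SAMPLE_HOSTS, '.example.com');
console.log('receives the auth cookie:', report.inScope);
console.log('does not receive it:', report.outOfScope);
```

Every host listed under "receives the auth cookie" is part of the trust boundary for the shared login, including subdomains that were never meant to take part in it.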