HttpContext.Authentication.SignOutAsync does not delete auth cookie

前端未结

关注

 8  1027

温柔的废话 2020-12-10 10:16

According to ASP.NET Core documentation the method HttpContext.Authentication.SignOutAsync() must delete the authentication cookie as well.

8条回答

小蘑菇 (楼主)

2020-12-10 10:55

Here's the code that deletes the cookie (If nothing else helps, use brute force):

await this.HttpContext.Authentication.SignOutAsync();

// ...

var cookie = this.Request.Cookies[];
if (cookie != null)
{
    var options = new CookieOptions { Expires = DateTime.Now.AddDays(-1) };
    this.Response.Cookies.Append(cookieName, cookie, options);
}

Bad, bad, bad! Seems like a very ugly patch! But works... :(

Any other solutions?

0 讨论(0)

查看其它8个回答