问题
I'm new to ASP.Net Core and trying to create an user authentication system. I'm using ASP.Net Core Identity user management. I have the below code for logging in an user.
/Areas/Identity/Pages/Account/Login.cshtml.cs
public async Task<IActionResult> OnPostAsync(string returnUrl = null)
{
returnUrl = returnUrl ?? Url.Content("~/");
if (ModelState.IsValid)
{
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, set lockoutOnFailure: true
var result = await _signInManager.PasswordSignInAsync(Input.Email, Input.Password, Input.RememberMe, lockoutOnFailure: true);
if (result.Succeeded)
{
_logger.LogInformation("User logged in.");
_logger.LogInformation(User.Identity.IsAuthenticated.ToString());
return LocalRedirect(returnUrl);
}
if (result.RequiresTwoFactor)
{
return RedirectToPage("./LoginWith2fa", new { ReturnUrl = returnUrl, RememberMe = Input.RememberMe });
}
if (result.IsLockedOut)
{
_logger.LogWarning("User account locked out.");
return RedirectToPage("./Lockout");
}
else
{
ModelState.AddModelError(string.Empty, "Invalid login attempt.");
return Page();
}
}
// If we got this far, something failed, redisplay form
return Page();
}
Startup.cs
public void ConfigureServices(IServiceCollection services)
{
services.Configure<CookiePolicyOptions>(options =>
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
});
services.AddDbContext<ApplicationDbContext>(options =>
{
options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection"));
});
services.AddDefaultIdentity<IdentityUser>().AddEntityFrameworkStores<ApplicationDbContext>();
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
// Use a unique identity cookie name rather than sharing the cookie across applications in the domain.
services.ConfigureApplicationCookie(options =>
{
options.Cookie.Name = Configuration["CookieName"];
});
// Add SAML SSO services.
services.AddSaml(Configuration.GetSection("SAML"));
services.AddTransient<IPasswordHasher<IdentityUser>, CustomPasswordHasher>();
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseDatabaseErrorPage();
}
else
{
app.UseExceptionHandler("/Error");
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseCookiePolicy();
app.UseAuthentication();
app.UseMvc(routes =>
{
routes.MapRoute(
"default",
"{controller=Home}/{action=Index}/{id?}");
});
}
I need to set some attributes in the cookies when the user logs in, but I always get User.Identity.IsAuthenticated false even if it shows User logged in in the logger and PasswordSignInAsync succeeds. How to log in the user inside OnPostAsync ?
N.B: User is logged in when redirected to home page after PasswordSignInAsync succeeds.
I've already checked this question but it didn't solve my issue.
回答1:
For User.Identity.IsAuthenticated, it only works for sub-request after PasswordSignInAsync.
You could try options below:
Redirect to another action to set the cookies.
public class LoginModel : PageModel { private readonly SignInManager<IdentityUser<int>> _signInManager; private readonly ILogger<LoginModel> _logger; public LoginModel(SignInManager<IdentityUser<int>> signInManager, ILogger<LoginModel> logger) { _signInManager = signInManager; _logger = logger; } //rest code public async Task<IActionResult> OnPostAsync(string returnUrl = null) { returnUrl = returnUrl ?? Url.Content("~/"); if (ModelState.IsValid) { // This doesn't count login failures towards account lockout // To enable password failures to trigger account lockout, set lockoutOnFailure: true var result = await _signInManager.PasswordSignInAsync(Input.Email, Input.Password, Input.RememberMe, lockoutOnFailure: true); if (result.Succeeded) { _logger.LogInformation("User logged in."); return LocalRedirect($"~/Identity/Account/Login?handler=SetIdentity&returnUrl={returnUrl}"); } if (result.RequiresTwoFactor) { return RedirectToPage("./LoginWith2fa", new { ReturnUrl = returnUrl, RememberMe = Input.RememberMe }); } if (result.IsLockedOut) { _logger.LogWarning("User account locked out."); return RedirectToPage("./Lockout"); } else { ModelState.AddModelError(string.Empty, "Invalid login attempt."); return Page(); } } // If we got this far, something failed, redisplay form return Page(); } public async Task<IActionResult> OnGetSetIdentityAsync(string returnUrl) { _logger.LogInformation(User.Identity.IsAuthenticated.ToString()); return LocalRedirect(returnUrl); } }Use
_signInManager.CreateUserPrincipalAsyncpublic async Task<IActionResult> OnPostAsync(string returnUrl = null) { returnUrl = returnUrl ?? Url.Content("~/"); if (ModelState.IsValid) { // This doesn't count login failures towards account lockout // To enable password failures to trigger account lockout, set lockoutOnFailure: true var result = await _signInManager.PasswordSignInAsync(Input.Email, Input.Password, Input.RememberMe, lockoutOnFailure: true); if (result.Succeeded) { var user = await _signInManager.UserManager.FindByEmailAsync(Input.Email); var userPrincipal = await _signInManager.CreateUserPrincipalAsync(user); var identity = userPrincipal.Identity; return LocalRedirect(returnUrl); } if (result.RequiresTwoFactor) { return RedirectToPage("./LoginWith2fa", new { ReturnUrl = returnUrl, RememberMe = Input.RememberMe }); } if (result.IsLockedOut) { _logger.LogWarning("User account locked out."); return RedirectToPage("./Lockout"); } else { ModelState.AddModelError(string.Empty, "Invalid login attempt."); return Page(); } } // If we got this far, something failed, redisplay form return Page(); }
来源:https://stackoverflow.com/questions/54547742/signinmanager-passwordsigninasync-succeeds-but-user-identity-isauthenticated