设置 CookieAuthentication 重定向路径

Set CookieAuthentication redirect path

我只希望具有 LocationId 的用户能够访问我的控制器方法。 在位置索引页面上,用户输入他们的 ID,该 ID 保存在 cookie 中。

如果用户试图访问没有的页面,用户应该被重定向到位置索引页面。 这几乎可以工作,但我的重定向有问题。

我正在使用 asp net core 2.0.

我的控制器是这样的

[AllowAnonymous]
public class LocationController : Controller
{
...
    [HttpGet]
    public IActionResult Index()
    {
        return View();
    }

    [HttpPost]
    public async Task<IActionResult> Index(string id)
    {
        ILocationModel location = await _repo.GetLocation(id);
        if (location != null)
        {
            var claims = new List<Claim> { new Claim(ClaimTypes.Name, location.id) };
            var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
            await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity));
            return RedirectToAction("index", "shop");
        }
        return RedirectToAction("", "");
    }

在启动时的 configureServices() 中我有:

services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
        .AddCookie(options =>
        {
            options.ReturnUrlParameter = "";
            options.AccessDeniedPath = "/Location/Index/";
            options.LoginPath = "/Location/Index";
            options.LogoutPath = "/Location/Logout";
        });

        services.AddMvc(config =>
        {
            var policy = new AuthorizationPolicyBuilder()
                             .RequireAuthenticatedUser()
                             .Build();
            config.Filters.Add(new AuthorizeFilter(policy));
        });

当我未经授权访问页面时,我被重定向到 http://localhost:54104/Location/Index?=%2FLocation%2FIndex%3F%3D%252FLocation%252FIndex%253F%253D%25252FLocation%25252FIndex%25253F%25253D%2525252FLocation%2525252FIndex%2525253F%2525253D%252525252FLocation%252525252FIndex%252525253F%252525253D%25252525252FLocation%25252525252FIndex%25252525253F%25252525253D%2525252525252FLocation%2525252525252FIndex%2525252525253F%2525252525253D%252525252525252FLocation%252525252525252FIndex%252525252525253F%252525252525253D%25252525252525252FLocation%25252525252525252FIndex%25252525252525253F%25252525252525253D%2525252525252525252FLocation%2525252525252525252FIndex%2525252525252525253F%2525252525252525253D%252525252525252525252FLocation%252525252525252525252FIndex%252525252525252525253F%252525252525252525253D%25252525252525252525252FLocation%25252525252525252525252FIndex%25252525252525252525253F%25252525252525252525253D%2525252525252525252525252FLocation%2525252525252525252525252FIndex%2525252525252525252525253F%2525252525252525252525253D%252525252525252525252525252FLocation%252525252525252525252525252FIndex%252525252525252525252525253F%252525252525252525252525253D%25252525252525252525252525252FLocation%25252525252525252525252525252FIndex%25252525252525252525252525253F%25252525252525252525252525253D%2525252525252525252525252525252FLocation%2525252525252525252525252525252FIndex%2525252525252525252525252525253F%2525252525252525252525252525253D%252525252525252525252525252525252FLocation%252525252525252525252525252525252FIndex%252525252525252525252525252525253F%252525252525252525252525252525253D%25252525252525252525252525252525252FLocation%25252525252525252525252525252525252FIndex%25252525252525252525252525252525253F%25252525252525252525252525252525253D%2525252525252525252525252525252525252FLocation%2525252525252525252525252525252525252FIndex%2525252525252525252525252525252525253F%2525252525252525252525252525252525253D%252525252525252525252525252525252525252FLocation%252525252525252525252525252525252525252FIndex%252525252525252525252525252525252525253F%252525252525252525252525252525252525253D%25252525252525252525252525252525252525252FLocation%25252525252525252525252525252525252525252FIndex

导致 HTTP 错误 404.15 - 未找到 请求过滤模块配置为拒绝查询字符串过长的请求。

为什么所有这些都附加到路径中?

我遇到了同样的问题。它正在创建一个无限循环。您必须在索引方法(HttpPost 方法)中的 AuthenticationProperties 对象中设置 RedirectUri。像这样:

var auth = new AuthenticationProperties()
            {
                RedirectUri = "/index/shop"
            };

可能是这样的:

[HttpPost]
    public async Task<IActionResult> Index(string id)
    {
        ILocationModel location = await _repo.GetLocation(id);
        var auth = new AuthenticationProperties()
            {
                RedirectUri = "/index/shop"
            };

        if (location != null)
        {
            var claims = new List<Claim> { new Claim(ClaimTypes.Name, location.id) };
            var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
            await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity));
           // You have to create a ChallengeResult, otherwise it will be stuck there, and you send the user to where you want to
           return new ChallengeResult("cookies", auth);
        }
        return new ChallengeResult("cookies", auth);
    }

更多信息:https://dotnetcoretutorials.com/2017/09/16/cookie-authentication-asp-net-core-2-0/