OWIN 认证不认证
OWIN Authentication not authenticating
我是 OWIN 身份验证的新手,我正在尝试让(看似)基本的工作正常进行。
当我 post 我的登录操作“_signInManager.PasswordSignInAsync” returns 成功时,但是我的 IPrincipal 用户似乎没有更新。此外,如果我执行单独的测试(即执行 userManager.FindByEmail 并对登录进行计数,或尝试 SignInManager.GetVerifiedUserId),我不会获得任何成功登录尝试的历史记录。因此,当重定向发生时,.net 忘记了已登录的用户并且表现得好像它从未经过身份验证,我不知道为什么。
值得注意的是,我的身份是一个独立的解决方案,被主解决方案引用。
主要解决方案:
账户管理员:
private ApplicationSignInManager _signInManager;
private ApplicationUserManager _userManager;
public AccountController()
{
_userManager = OwinContext.GetApplicationUserManager();
_signInManager = OwinContext.GetApplicationSignInManager();
}
public AccountController(ApplicationUserManager userManager, ApplicationSignInManager signInManager)
{
_userManager = userManager;
_signInManager = signInManager;
}
***Other methods***
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public async Task<ActionResult> Login(Login model, string returnUrl)
{
if (!ModelState.IsValid)
{
return View(model);
}
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, change to shouldLockout: true
var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: false);
switch (OwinContext.SignInResult(result))
{
case OwinContext.SignInStatus.Success:
if (User.IsInRole("Admin") || User.IsInRole("SuperAdmin"))
{
return RedirectToAction("UserList");
}
return RedirectToLocal(returnUrl);
case OwinContext.SignInStatus.LockedOut:
return View("Lockout");
case OwinContext.SignInStatus.RequiresVerification:
return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
case OwinContext.SignInStatus.Failure:
default:
ModelState.AddModelError("", "Invalid login attempt.");
return View(model);
}
}
OWIN 上下文
private static IOwinContext GetOwinContext()
{
return HttpContextWrapper.GetCurrentContext().GetOwinContext();
}
public static ApplicationSignInManager GetApplicationSignInManager()
{
var applicationSignInManager = GetOwinContext().Get<ApplicationSignInManager>();
return applicationSignInManager;
}
身份解
Startup.cs
using System.Data.Entity;
using Microsoft.Owin;
using Owin;
using Shared_Identity.IdentityConfig;
using Shared_Identity.Models.Context;
namespace Shared_Identity
{
public partial class Startup
{
public void Configuration(IAppBuilder app)
{
//ConfigureAuth(app);
Database.SetInitializer<SharedIdentity>(null);
app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);
app.CreatePerOwinContext<ApplicationRoleManager>(ApplicationRoleManager.Create);
app.CreatePerOwinContext<ApplicationSignInManager>(ApplicationSignInManager.Create);
}
}
}
我试过以下方法:
- (已确认数据库连接字符串正确)
连同查看 Google 中的一些杂项教程,但似乎到处都表明这应该是直截了当的。我可能遗漏了一些简单的东西或有概念上的问题。
孔浩的回答:解决了我的问题
具体来说:
you need the follow changes in your Startup.Auth.cs:
app.UseCookieAuthentication(new CookieAuthenticationOptions {
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login")
});
我是 OWIN 身份验证的新手,我正在尝试让(看似)基本的工作正常进行。
当我 post 我的登录操作“_signInManager.PasswordSignInAsync” returns 成功时,但是我的 IPrincipal 用户似乎没有更新。此外,如果我执行单独的测试(即执行 userManager.FindByEmail 并对登录进行计数,或尝试 SignInManager.GetVerifiedUserId),我不会获得任何成功登录尝试的历史记录。因此,当重定向发生时,.net 忘记了已登录的用户并且表现得好像它从未经过身份验证,我不知道为什么。
值得注意的是,我的身份是一个独立的解决方案,被主解决方案引用。
主要解决方案:
账户管理员:
private ApplicationSignInManager _signInManager;
private ApplicationUserManager _userManager;
public AccountController()
{
_userManager = OwinContext.GetApplicationUserManager();
_signInManager = OwinContext.GetApplicationSignInManager();
}
public AccountController(ApplicationUserManager userManager, ApplicationSignInManager signInManager)
{
_userManager = userManager;
_signInManager = signInManager;
}
***Other methods***
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public async Task<ActionResult> Login(Login model, string returnUrl)
{
if (!ModelState.IsValid)
{
return View(model);
}
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, change to shouldLockout: true
var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: false);
switch (OwinContext.SignInResult(result))
{
case OwinContext.SignInStatus.Success:
if (User.IsInRole("Admin") || User.IsInRole("SuperAdmin"))
{
return RedirectToAction("UserList");
}
return RedirectToLocal(returnUrl);
case OwinContext.SignInStatus.LockedOut:
return View("Lockout");
case OwinContext.SignInStatus.RequiresVerification:
return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
case OwinContext.SignInStatus.Failure:
default:
ModelState.AddModelError("", "Invalid login attempt.");
return View(model);
}
}
OWIN 上下文
private static IOwinContext GetOwinContext()
{
return HttpContextWrapper.GetCurrentContext().GetOwinContext();
}
public static ApplicationSignInManager GetApplicationSignInManager()
{
var applicationSignInManager = GetOwinContext().Get<ApplicationSignInManager>();
return applicationSignInManager;
}
身份解
Startup.cs
using System.Data.Entity;
using Microsoft.Owin;
using Owin;
using Shared_Identity.IdentityConfig;
using Shared_Identity.Models.Context;
namespace Shared_Identity
{
public partial class Startup
{
public void Configuration(IAppBuilder app)
{
//ConfigureAuth(app);
Database.SetInitializer<SharedIdentity>(null);
app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);
app.CreatePerOwinContext<ApplicationRoleManager>(ApplicationRoleManager.Create);
app.CreatePerOwinContext<ApplicationSignInManager>(ApplicationSignInManager.Create);
}
}
}
我试过以下方法:
- (已确认数据库连接字符串正确)
连同查看 Google 中的一些杂项教程,但似乎到处都表明这应该是直截了当的。我可能遗漏了一些简单的东西或有概念上的问题。
孔浩的回答:解决了我的问题
具体来说:
you need the follow changes in your Startup.Auth.cs:
app.UseCookieAuthentication(new CookieAuthenticationOptions {
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login")
});