防止重定向到 asp.net Core 5 Razor 页面中的 /Account/Login
Prevent redirect to /Account/Login in asp.net Core 5 Razor pages
我有一个 ASP.NET Core 5 Web App Razor Pages(不是 MVC)项目,用户可以在其中通过 /Index 页面登录。
但是当我在没有登录的情况下使用 url 到页面时(例如 http://localhost:57257/Test2),我收到 404 错误并被重定向到:http://localhost:57257/Account/Login?ReturnUrl=%2FTest2
我试过这个问题的答案和评论:
但其中 none 有效。如果用户未登录,我会不断被重定向 Account/Login。
有趣的是,如果我对一个不存在的页面(例如 http://localhost:57257/Test2222)使用 url,一切顺利,页面被重定向到 /Index
基本上,我不想看到重定向到 /Account/Login,网站必须始终重定向到 / 或 /Index,
但我 运行 无法尝试。有人知道我该如何防止这种情况发生吗?
Startup.cs
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using Microsoft.Extensions.Caching.Memory;
using System.Data.Common;
using System.Data.SqlClient;
using System;
namespace WordWeb
{
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
public void ConfigureServices(IServiceCollection services)
{
services.AddRazorPages(options =>
{
options.Conventions.AuthorizeFolder("/");
options.Conventions.AllowAnonymousToPage("/Index");
options.Conventions.AllowAnonymousToPage("/Aanmelden");
options.Conventions.AllowAnonymousToPage("/Help");
options.Conventions.AllowAnonymousToPage("/Error");
});
services.AddSession(options =>
{
options.IdleTimeout = TimeSpan.FromSeconds(int.Parse(Configuration["Website:SessionTimeout"]));
options.Cookie.HttpOnly = true;
options.Cookie.IsEssential = true;
});
services.AddHttpContextAccessor();
services.AddAntiforgery(o => o.HeaderName = "XSRF-TOKEN");
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme).AddCookie();
services.ConfigureApplicationCookie(options =>
{
options.LoginPath = "/Index";
options.AccessDeniedPath = "/Index";
//options.AccessDeniedPath = new Microsoft.AspNetCore.Http.PathString("/Index");
options.Events.OnRedirectToLogin = context =>
{
context.Response.StatusCode = Microsoft.AspNetCore.Http.StatusCodes.Status401Unauthorized;
return System.Threading.Tasks.Task.CompletedTask;
};
});
services.AddControllersWithViews().AddRazorRuntimeCompilation();
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IMemoryCache cache)
{
if (env.IsDevelopment() || Configuration["ErrorHandling:ShowErrorDetails"] == "1")
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Error");
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseSession();
DbProviderFactories.RegisterFactory("System.Data.SqlClient", SqlClientFactory.Instance);
app.UseEndpoints(endpoints =>
{
endpoints.MapRazorPages();
});
}
}
}
services.AddAuthentication
请试试这个
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = CookieAuthenticationDefaults.AuthenticationScheme;
})
.AddCookie(options =>
{
options.Cookie.Path = "/";
options.LoginPath = "/Index";
options.AccessDeniedPath = "/Index";
});
我有一个 ASP.NET Core 5 Web App Razor Pages(不是 MVC)项目,用户可以在其中通过 /Index 页面登录。 但是当我在没有登录的情况下使用 url 到页面时(例如 http://localhost:57257/Test2),我收到 404 错误并被重定向到:http://localhost:57257/Account/Login?ReturnUrl=%2FTest2
我试过这个问题的答案和评论:
有趣的是,如果我对一个不存在的页面(例如 http://localhost:57257/Test2222)使用 url,一切顺利,页面被重定向到 /Index
基本上,我不想看到重定向到 /Account/Login,网站必须始终重定向到 / 或 /Index, 但我 运行 无法尝试。有人知道我该如何防止这种情况发生吗?
Startup.cs
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using Microsoft.Extensions.Caching.Memory;
using System.Data.Common;
using System.Data.SqlClient;
using System;
namespace WordWeb
{
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
public void ConfigureServices(IServiceCollection services)
{
services.AddRazorPages(options =>
{
options.Conventions.AuthorizeFolder("/");
options.Conventions.AllowAnonymousToPage("/Index");
options.Conventions.AllowAnonymousToPage("/Aanmelden");
options.Conventions.AllowAnonymousToPage("/Help");
options.Conventions.AllowAnonymousToPage("/Error");
});
services.AddSession(options =>
{
options.IdleTimeout = TimeSpan.FromSeconds(int.Parse(Configuration["Website:SessionTimeout"]));
options.Cookie.HttpOnly = true;
options.Cookie.IsEssential = true;
});
services.AddHttpContextAccessor();
services.AddAntiforgery(o => o.HeaderName = "XSRF-TOKEN");
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme).AddCookie();
services.ConfigureApplicationCookie(options =>
{
options.LoginPath = "/Index";
options.AccessDeniedPath = "/Index";
//options.AccessDeniedPath = new Microsoft.AspNetCore.Http.PathString("/Index");
options.Events.OnRedirectToLogin = context =>
{
context.Response.StatusCode = Microsoft.AspNetCore.Http.StatusCodes.Status401Unauthorized;
return System.Threading.Tasks.Task.CompletedTask;
};
});
services.AddControllersWithViews().AddRazorRuntimeCompilation();
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IMemoryCache cache)
{
if (env.IsDevelopment() || Configuration["ErrorHandling:ShowErrorDetails"] == "1")
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Error");
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseSession();
DbProviderFactories.RegisterFactory("System.Data.SqlClient", SqlClientFactory.Instance);
app.UseEndpoints(endpoints =>
{
endpoints.MapRazorPages();
});
}
}
}
services.AddAuthentication
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = CookieAuthenticationDefaults.AuthenticationScheme;
})
.AddCookie(options =>
{
options.Cookie.Path = "/";
options.LoginPath = "/Index";
options.AccessDeniedPath = "/Index";
});