更改 asp .net core 3.1 中的默认登录路径
change default login path in asp .net core 3.1
如何更改登录页面的默认路径?
我试过了
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(options =>
{
options.LoginPath = "/e-tol/Login";
options.ExpireTimeSpan = TimeSpan.FromMinutes(15);
options.SlidingExpiration = true;
});
但是当它运行时,我们仍然可以使用 /Login ,我需要仅使用 /Login 来阻止用户登录
我已经阅读了很多与我的情况相似的答案,但仍然不起作用
更新
这是我的操作方法
public async Task<IActionResult> Index(string message)
{
ViewBag.Message = message;
if (HttpContext.User.Identity.IsAuthenticated) return RedirectAfterAuthenticated();
await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
return View();
}
private IActionResult RedirectAfterAuthenticated()
{
var identity = (ClaimsIdentity)User.Identity;
var role = identity.Claims
.Where(i => i.Type == "IdRole")
.Select(i => i.Value)
.SingleOrDefault();
switch (role)
{
case null:
return RedirectToAction("Index", "Login");
default:
return RedirectToAction("Index", "Home");
}
}
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public async Task<IActionResult> Login(string username, string password, string ReturnUrl)
{
var getUsername = await _context.Users.FirstOrDefaultAsync(a => a.Username == username);
var getPassword = await _context.Users.FirstOrDefaultAsync(b => b.Password == password);
if (getUsername != null && getPassword != null)
{
var claims = new List<Claim>
{
new Claim(ClaimTypes.NameIdentifier, Convert.ToString(getUsername.IdUser)),
new Claim("Nama", getUsername.Nama),
new Claim(ClaimTypes.Name, getUsername.Username),
new Claim("IdRole", Convert.ToString(getUsername.IdRole)),
};
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme,
new ClaimsPrincipal(claimsIdentity));
return Redirect(ReturnUrl == null ? "/Home" : ReturnUrl);
}
else
{
return RedirectToAction("Index", new RouteValueDictionary(new { message = "Username / Password Salah" }));
}
}
因为你没有显示Controller目录,我不知道/e-tol/Login对应的方法是什么,所以我写了一个demo来说明一下情况:
我将 [Route("/e-tol/Login")] 添加到 AccountController 控制器中的 Login 操作
家庭控制器
public class HomeController : Controller
{
[Authorize]
public IActionResult Create()
{
return View();
}
}
账户控制器
public class AccountController : Controller
{
[Route("/e-tol/Login")]
public IActionResult Login()
{
return View();
}
}
启动
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(x => x.LoginPath = "/e-tol/Login");
那么,我要登录的时候只能用/e-tol/Login,用/Login的时候会报404错误。
如何更改登录页面的默认路径?
我试过了
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(options =>
{
options.LoginPath = "/e-tol/Login";
options.ExpireTimeSpan = TimeSpan.FromMinutes(15);
options.SlidingExpiration = true;
});
但是当它运行时,我们仍然可以使用 /Login ,我需要仅使用 /Login 来阻止用户登录
我已经阅读了很多与我的情况相似的答案,但仍然不起作用
更新
这是我的操作方法
public async Task<IActionResult> Index(string message)
{
ViewBag.Message = message;
if (HttpContext.User.Identity.IsAuthenticated) return RedirectAfterAuthenticated();
await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
return View();
}
private IActionResult RedirectAfterAuthenticated()
{
var identity = (ClaimsIdentity)User.Identity;
var role = identity.Claims
.Where(i => i.Type == "IdRole")
.Select(i => i.Value)
.SingleOrDefault();
switch (role)
{
case null:
return RedirectToAction("Index", "Login");
default:
return RedirectToAction("Index", "Home");
}
}
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public async Task<IActionResult> Login(string username, string password, string ReturnUrl)
{
var getUsername = await _context.Users.FirstOrDefaultAsync(a => a.Username == username);
var getPassword = await _context.Users.FirstOrDefaultAsync(b => b.Password == password);
if (getUsername != null && getPassword != null)
{
var claims = new List<Claim>
{
new Claim(ClaimTypes.NameIdentifier, Convert.ToString(getUsername.IdUser)),
new Claim("Nama", getUsername.Nama),
new Claim(ClaimTypes.Name, getUsername.Username),
new Claim("IdRole", Convert.ToString(getUsername.IdRole)),
};
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme,
new ClaimsPrincipal(claimsIdentity));
return Redirect(ReturnUrl == null ? "/Home" : ReturnUrl);
}
else
{
return RedirectToAction("Index", new RouteValueDictionary(new { message = "Username / Password Salah" }));
}
}
因为你没有显示Controller目录,我不知道/e-tol/Login对应的方法是什么,所以我写了一个demo来说明一下情况:
我将 [Route("/e-tol/Login")] 添加到 AccountController 控制器中的 Login 操作
家庭控制器
public class HomeController : Controller
{
[Authorize]
public IActionResult Create()
{
return View();
}
}
账户控制器
public class AccountController : Controller
{
[Route("/e-tol/Login")]
public IActionResult Login()
{
return View();
}
}
启动
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(x => x.LoginPath = "/e-tol/Login");
那么,我要登录的时候只能用/e-tol/Login,用/Login的时候会报404错误。