如何使用自定义/默认身份验证方案来使用 dotnet Identity usermanager 和 Signinmanager

问题描述 投票:0回答:1

我有一个 asp dotnet webapi 设置,具有像这样的默认身份验证方案


const string CookieScheme = "cookie";

builder.Services.AddAuthentication(CookieScheme)
    .AddCookie(CookieScheme, options =>
    {
        options.Cookie.Name = "MyCustom.Identity";
        options.Cookie.SameSite = SameSiteMode.Lax;
        options.Cookie.Path = "/";
        options.Cookie.HttpOnly = true;
    });

并且在控制器中,我尝试使用登录管理器和用户管理器来对流程进行更多控制,例如在注册时登录用户等...

这是带有注册端点的 AuthController。


[ApiController]
[Route("api/auth")]
public class AuthController : ControllerBase
{
    private readonly UserManager<IdentityUser> _userManager;
    private readonly SignInManager<IdentityUser> _signInManager;
    private readonly ILogger<AuthController> _logger;

    public AuthController(UserManager<IdentityUser> userManager,
        SignInManager<IdentityUser> signInManager,
        ILogger<AuthController> logger)
    {
        _userManager = userManager;
        _signInManager = signInManager;
        _logger = logger;
    }


    [HttpPost]
    [Route("register")]
    public async Task<IActionResult> Register([FromBody] RegisterModel model)

    {
        var user = new IdentityUser
        {
            UserName = model.Email,
            Email = model.Email
        };

        var result = await _userManager.CreateAsync(user, model.Password);

        if (!result.Succeeded)
        {
            return BadRequest(result.Errors);
        }

        await _signInManager.SignInAsync(user, true);

        var responseData = new
        {
            status = "success",
            message = "Registered successfully!",
            user = new
            {
                username = user.UserName,
                email = user.Email,
                id = user.Id
            }
        };

        return Ok(responseData);
    }
}

但是此代码不使用“cookie”方案(设置的cookie具有不同的名称“.AspDotnet.Identity”,这是默认方案)

当我访问需要身份验证的路由时,这会造成更多麻烦。比如


    [Authorize]
    [HttpGet]
    [Route("user")]
    public async Task<IActionResult> GetUser()
    {
        var user = await _userManager.GetUserAsync(User);

        if (user == null)
        {
            return Unauthorized("not authorized to perform this action");
        }

        var responseData = new
        {
            status = "success",
            user = new
            {
                username = user.UserName,
                email = user.Email,
                id = user.Id
            }
        };

        return Ok(responseData);
    }

如何正确设置 dotnet 身份和控制器路由以实现更多总体控制?

c# asp.net .net asp.net-identity
1个回答
0
投票

您可以通过以下方式更改 asp.net 身份默认 cookie 选项。

builder.Services.ConfigureApplicationCookie(options =>
{
        options.Cookie.Name = "MyCustom.Identity";
        options.Cookie.SameSite = SameSiteMode.Lax;
        options.Cookie.Path = "/";
        options.Cookie.HttpOnly = true;

});
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.