我无法退出,即使在执行
User.Identity.IsAuthenticatedlogout我的
Program.csbuilder.Services.AddAuthentication(NegotiateDefaults.AuthenticationScheme)
.AddNegotiate()
.AddCookie("Cookies", options =>
{
options.Cookie.Name = "Test";
options.ExpireTimeSpan = TimeSpan.FromMinutes(30);
});
builder.Services.AddAuthorization(options =>
{
// By default, all incoming requests will be authorized according to the default policy.
options.FallbackPolicy = options.DefaultPolicy;
});
而
Logout[AllowAnonymous]
public async Task<IActionResult> Logout()
{
if (HttpContext.Request.Cookies.Count > 0)
{
var siteCookies = HttpContext.Request.Cookies
.Where(c => c.Key.Contains(".AspNetCore.")
|| c.Key.Contains("Microsoft.Authentication"));
foreach (var cookie in siteCookies)
{
Response.Cookies.Delete(cookie.Key);
}
}
await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
HttpContext.Session.Clear();
HttpContext.User = new ClaimsPrincipal(new ClaimsIdentity(new List<Claim>()));
return RedirectToAction("Login", "Home");
}
有时,由于浏览器缓存问题或未能删除 cookie,会出现问题。您应该确保在
HttpContext.SignOutAsync代码中你的cookie清除过程如下:
if (HttpContext.Request.Cookies.Count > 0)
{
var siteCookies = HttpContext.Request.Cookies.Where(c => c.Key.Contains(".AspNetCore.") || c.Key.Contains("Microsoft.Authentication"));
foreach (var cookie in siteCookies)
{
Response.Cookies.Delete(cookie.Key);
}
}
此代码似乎删除包含
.AspNetCore.Microsoft.Authenticationforeach (var cookie in Request.Cookies.Keys)
{
Response.Cookies.Delete(cookie);
}
此外,预计在
HttpContext.UserHttpContext.UserHttpContext.SignOutAsyncHttpContext.User = new ClaimsPrincipal(new ClaimsIdentity(new List<Claim>()));通过进行这些更改,您可以验证注销过程并检查会话注销是否按预期运行。