我測試過查看使用Firebug和瀏覽器工具創建的Cookie,但是當我登錄時,我沒有創建Cookie。 我已經在〜/ Startup.cs中定義了cookie身份驗證(我正在使用Identity框架),並且我檢查了我是用「Hello,@ User.Identity.Name」來標識的。我創建了一個登錄ActionResult(〜/ Controller/AccountController.cs)和一個登錄模型(〜/ Model/LoginModel.cs),並且當我登錄時(〜/ View/Account/Login .cshtml)用「[email protected], 「密碼」,則控制器應創建cookie。Hardcoded ClaimIdentity不會創建Cookie
〜/控制器/ AccountController.cs
using Microsoft.Owin.Security;
using System.Threading.Tasks;
using System.Web;
using System.Web.Mvc;
using System.Security.Claims;
//using MyProject.Models;
namespace MyProject.Controllers
{
[AllowAnonymous]
public class AccountController : Controller
{
// GET: account
[HttpGet]
public ActionResult Login(string returnUrl)
{
var model = new LoginModel
{
ReturnUrl = returnUrl
};
return View(model);
}
[HttpPost]
public ActionResult Login(LoginModel model)
{
if (!ModelState.IsValid)
{
return View();
}
// Don't do this in production!
if (model.Email == "[email protected]" && model.Password == "password")
{
var identity = new ClaimsIdentity(new[] {
new Claim(ClaimTypes.Name, "Ben"),
new Claim(ClaimTypes.Email, "[email protected]"),
new Claim(ClaimTypes.Country, "England")
},
"ApplicationCookie");
var ctx = Request.GetOwinContext();
var authManager = ctx.Authentication;
// CREATE THE COOKIE
authManager.SignIn(identity);
// Finally we redirect the user agent to the resource they attempted to access. We also check to ensure the return URL is local to the application to prevent Open Redirection attacks
return Redirect(GetRedirectUrl(model.ReturnUrl));
}
// user authN failed
ModelState.AddModelError("", "Invalid email or password");
return View();
}
private string GetRedirectUrl(string returnUrl)
{
if (string.IsNullOrEmpty(returnUrl) || !Url.IsLocalUrl(returnUrl))
{
return Url.Action("Index", "Home");
}
return returnUrl;
}
}
}
〜/型號/ LoginModel
using System.ComponentModel.DataAnnotations;
using System.Web.Mvc;
public class LoginModel
{
[Required]
[DataType(DataType.EmailAddress)]
public string Email { get; set; }
[Required]
[DataType(DataType.Password)]
public string Password { get; set; }
[HiddenInput]
public string ReturnUrl { get; set; }
}
〜/ Startup.cs
using Owin;
using Microsoft.Owin;
using Microsoft.Owin.Security.Cookies;
//[assembly: OwinStartup(typeof(MyProject.Startup))]
namespace MyProject
{
/// <summary>
/// To initialize the OWIN identity components we need to add a Startup class to the project
/// </summary>
public class Startup
{
public void Configuration(IAppBuilder app)
{
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
// This is a string value that identifies the the cookie. This is necessary since we may have several instances of the Cookie middleware. For example, when using external auth servers (OAuth/OpenID) the same cookie middleware is used to pass claims from the external provider
AuthenticationType = "ApplicationCookie",
// The path to which the user agent (browser) should be redirected to when your application returns an unauthorized (401) response. This should correspond to your "login" controller
LoginPath = new PathString("/Account/Login")
});
}
}
}
〜/查看/ Login.cshtml
@Html.ValidationSummary(true)
@using (Html.BeginForm())
{
@Html.EditorForModel()
<p>
<button type="submit">Log In</button>
</p>
}
我還沒有嘗試過你在做什麼。但是我會開始驗證'Startup.Configuration'運行。 –
它運行。你在這個線程中有我的Startup類。 – Joe
這可能是也可能不是相關的。 http://coding.abel.nu/2014/11/catching-the-system-webowin-cookie-monster/您以非常規方式使用中間件,可能會導致各種意外行爲。祝你好運。如果你能做到,我希望你能與我們分享答案。 –