我正在使用Microsoft.Owin构建与许多其他应用程序集成的登录应用程序。
总结一下,我为每个尝试登录的应用程序生成一个accessToken。应用程序验证accessToken并成功登录。
代码示例:
var identity = UserService.UserManager.CreateIdentity(user, DefaultAuthenticationTypes.ExternalBearer);
AuthenticationTicket ticket = new AuthenticationTicket(identity, new AuthenticationProperties());
var currentUtc = new SystemClock().UtcNow;
ticket.Properties.AllowRefresh = true;
ticket.Properties.IssuedUtc = currentUtc;
ticket.Properties.ExpiresUtc = currentUtc.Add(TimeSpan.FromMinutes(30));
var dataProtectionProvider = new EFileDataProtectionProvider(client.ClientID, client.ClientSecret);
var accessTokenFormat = new TicketDataFormat(dataProtectionProvider);
Startup.OAuthBearerOptions.AccessTokenFormat = accessTokenFormat;
string accessToken = Startup.OAuthBearerOptions.AccessTokenFormat.Protect(ticket);
return accessToken;
问题是: 当用户从一个应用程序退出时,如何强制所有其他应用程序注销???
答案 0 :(得分:0)
据我了解,一旦设备登录,您就会尝试注销所有其他设备,因此帐户中始终只有一个用户。
您需要做的是更新您的用户安全标记,如下所示:
await UserManager.UpdateSecurityStampAsync(user.Id);
然后asp.identity验证将处理其余的事情 请注意使用“OnValidateIdentity”启用验证,如下所示:
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
Provider = new CookieAuthenticationProvider
{
// Enables the application to validate the security stamp when the user logs in.
// This is a security feature which is used when you change a password or add an external login to your account.
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
validateInterval: TimeSpan.FromSeconds(60),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
}
});
这将在每台设备上每隔60秒检查一次印章验证。