我有一个 ASP.NET MVC 和 Web API 2 应用程序。我想在会话(Session)中保存 OrderId,然后将用户跳转到银行网站支付订单;当银行网站将用户返回到我网站的回调 URL 时,我想从会话中取回 OrderId,但它似乎是 null。我想知道为什么会这样?
另一个问题是,我在 ASP.NET Identity 中使用 cookie 身份验证,并把过期时间设置为 15 天,但它同样不起作用。我不确定,但也许这两个问题彼此有关。如果有人知道
Why my asp.net identity -user will log out automatically
// Stores the order id in server-side session state under the key "orderid".
// The snippet is abbreviated: the redirect to the bank and the return statement are not shown.
// NOTE(review): the value only comes back on the callback if the browser presents the same
// session cookie to the same host; the hosting note on this page (www vs. non-www preferred
// domain) suggests the callback may land on a different host name than the one that set the cookie.
public ActionResult Pay()
{
Session["orderid"]=12;
}
//callbackurl
// Action the bank sends the user back to after payment; reads the order id stored by Pay().
// NOTE(review): a payment callback should not depend on session state alone. Identify the order
// from the reference the gateway returns and confirm the payment status server-side before
// marking the order paid — presumably the gateway offers a verification call; confirm in its docs.
public ActionResult Result()
{
// Convert.ToInt32 returns 0 for a null object, so a missing session entry surfaces here as
// order id 0 instead of an exception; check Session["orderid"] for null before converting.
var orderid=Convert.ToInt32( Session["orderid"]);//is null
}
以下是我的web.config
<system.web>
<!-- Forms authentication is switched on here, while the Startup class shown on this page also
     registers OWIN cookie authentication (ApplicationCookie, ExpireTimeSpan of 15 days).
     NOTE(review): these are two separate mechanisms with different lifetimes (timeout below is
     30 minutes); confirm which one is meant to protect the site. ASP.NET Identity project
     templates normally use mode="None" so that only the OWIN cookie is in play. -->
<authentication mode="Forms">
<!-- timeout is in minutes. No requireSSL attribute is visible in this fragment, so the forms
     ticket is not restricted to HTTPS by this element. -->
<forms loginUrl="~/User/Login" timeout="30">
</forms>
</authentication>
<!-- timeout is in minutes. No mode attribute is given, so the default in-process store applies
     and session data does not survive a worker-process recycle. NOTE(review): on shared hosting
     the recycle schedule is outside the application's control; verify against the host. -->
<sessionState timeout="30"></sessionState>
</system.web>
以及以下是在startup.cs文件中
/// <summary>
/// OWIN startup class. Registers cookie authentication for the MVC pages, an OAuth token
/// endpoint that issues JWTs, JWT bearer validation for Web API controllers, CORS, and the
/// Web API / MVC routes.
/// </summary>
public class Startup
{
    /// <summary>
    /// Issuer value handed both to the JWT formatter used by the token endpoint and to the
    /// JWT bearer validation middleware.
    /// </summary>
    public string Issuer { get; set; }

    /// <summary>
    /// Builds the OWIN pipeline. The registration order below is the order in which the
    /// middleware is added to the pipeline, so it is kept exactly as written.
    /// </summary>
    /// <param name="app">The OWIN application builder.</param>
    public void Configuration(IAppBuilder app)
    {
        // NOTE(review): the issuer is a plain-http URL and AllowInsecureHttp is enabled on the
        // token endpoint below; if the site is reachable over HTTPS, both should move to https.
        Issuer = "http://mywebsite.ir/";

        ConfigureOAuthTokenGeneration(app);
        ConfigureOAuthTokenConsumption(app);

        // NOTE(review): AllowAll accepts requests from any origin. Restrict it to the origins
        // that actually call the API. CORS is also registered after the authentication
        // middleware, so responses produced by the token endpoint may not carry CORS headers —
        // confirm whether that is intended.
        app.UseCors(CorsOptions.AllowAll);

        GlobalConfiguration.Configure(WebApiConfig.Register);
        AreaRegistration.RegisterAllAreas();
        RouteConfig.RegisterRoutes(RouteTable.Routes);
    }

    /// <summary>
    /// Registers the per-request context and managers, the application cookie, the OAuth
    /// authorization server (token endpoint at /api/token) and OAuth bearer authentication.
    /// </summary>
    /// <param name="app">The OWIN application builder.</param>
    private void ConfigureOAuthTokenGeneration(IAppBuilder app)
    {
        app.CreatePerOwinContext(() => new LeitnerContext());
        app.CreatePerOwinContext<LeitnerUserManager>(LeitnerUserManager.Create);
        app.CreatePerOwinContext<LeitnerRoleManager>(LeitnerRoleManager.Create);

        var cookieEvents = new CookieAuthenticationProvider
        {
            // Redirect to the login page only for non-API requests; API callers keep the
            // original response instead of receiving a redirect.
            OnApplyRedirect = redirectContext =>
            {
                if (IsForApi(redirectContext.Request))
                {
                    return;
                }

                redirectContext.Response.Redirect(redirectContext.RedirectUri);
            }
        };

        // NOTE(review): ExpireTimeSpan bounds the ticket lifetime, but the browser keeps the
        // cookie across restarts only when sign-in requests a persistent cookie; the sign-in
        // code is not shown here. CookieSecure is not set, so the library default applies —
        // consider CookieSecureOption.Always once the site is served over HTTPS.
        var cookieOptions = new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
            LoginPath = new PathString("/User/Login"),
            ExpireTimeSpan = TimeSpan.FromDays(15),
            Provider = cookieEvents
        };
        app.UseCookieAuthentication(cookieOptions);

        // NOTE(review): AllowInsecureHttp = true lets the token endpoint accept requests over
        // plain HTTP, so whatever credentials the grant carries and the issued tokens can
        // cross the network unencrypted. It should be false outside local development.
        // Access tokens are valid for 15 days; no refresh-token or revocation handling is
        // visible in this class — confirm how a leaked token would be invalidated.
        var serverOptions = new OAuthAuthorizationServerOptions
        {
            AllowInsecureHttp = true,
            TokenEndpointPath = new PathString("/api/token"),
            AccessTokenExpireTimeSpan = TimeSpan.FromDays(15),
            Provider = new LeitnerOAuthProvider(),
            AccessTokenFormat = new LeitnerJwtFormat(Issuer),
        };
        app.UseOAuthAuthorizationServer(serverOptions);

        app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
    }

    /// <summary>
    /// Decides whether a request is treated as an API call: either its Accept header is
    /// exactly "application/json" or its path starts with the /api segment.
    /// </summary>
    /// <param name="request">The incoming OWIN request.</param>
    /// <returns><c>true</c> for API requests; <c>false</c> otherwise or when there are no headers.</returns>
    private bool IsForApi(IOwinRequest request)
    {
        var requestHeaders = request.Headers;
        if (requestHeaders == null)
        {
            return false;
        }

        // Exact string comparison: an Accept header listing several media types does not
        // match here and falls through to the path test.
        if (requestHeaders["Accept"] == "application/json")
        {
            return true;
        }

        return request.Path.StartsWithSegments(new PathString("/api"));
    }

    /// <summary>
    /// Registers JWT bearer validation for the "LeitnerAudience" audience using a symmetric
    /// key decoded from the audience's Base64Url secret.
    /// </summary>
    /// <param name="app">The OWIN application builder.</param>
    private void ConfigureOAuthTokenConsumption(IAppBuilder app)
    {
        // An earlier variant read these two values from the appSettings keys
        // "as:AudienceId" and "as:AudienceSecret".
        // NOTE(review): where AudiencesStore keeps Base64Secret is not visible here; confirm
        // the signing secret is not hard-coded in source and is kept out of version control.
        var audience = AudiencesStore.AudiencesList["LeitnerAudience"];
        string audienceId = audience.ClientId;
        byte[] signingKey = TextEncodings.Base64Url.Decode(audience.Base64Secret);

        var tokenProviders = new IIssuerSecurityTokenProvider[]
        {
            new SymmetricKeyIssuerSecurityTokenProvider(Issuer, signingKey)
        };

        // Api controllers with an [Authorize] attribute will be validated with JWT
        var jwtOptions = new JwtBearerAuthenticationOptions
        {
            AuthenticationMode = AuthenticationMode.Active,
            AllowedAudiences = new[] { audienceId },
            IssuerSecurityTokenProviders = tokenProviders
        };
        app.UseJwtBearerAuthentication(jwtOptions);
    }
}
修改
我的WebHost是Plesk Onyx,在托管设置中,我看到设置首选域,其中有三个项目可供选择
1- www.jooyabash.ir
2- jooyabash.ir
3-无
说明:选择通过SEO安全的HTTP 301重定向将网站访问者重定向到的URL(带或不带www。前缀)。
当我将其设置为 1 或 3 时,会话会丢失。但当我将其设置为 2 时,会话在 10 分钟内不会丢失,付款可以在这段时间内完成。
有人知道为什么吗?