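Setting the CookieAuthentication redirect path

Time: 2018-01-24 11:17:12

Tags: redirect asp.net-core-mvc-2.0 cookie-authentication

I only want users who have a LocationId to be able to access my controller methods. On the location index page, the user enters their ID, which is saved in a cookie.

If a user tries to access a page without one, the user should be redirected to the location index page. This almost works, but I have a problem with the redirect.

I am using ASP.NET Core 2.0.

My controller looks like this: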

[AllowAnonymous]
public class LocationController : Controller
{
...
    [HttpGet]
    public IActionResult Index()
    {
        return View();
    }

    [HttpPost]
    public async Task<IActionResult> Index(string id)
    {
        ILocationModel location = await _repo.GetLocation(id);
        if (location != null)
        {
            var claims = new List<Claim> { new Claim(ClaimTypes.Name, location.id) };
            var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
            await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity));
            return RedirectToAction("index", "shop");
        }
        return RedirectToAction("", "");
    }
}

In ConfigureServices() in Startup, I have:

services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
        .AddCookie(options =>
        {
            options.ReturnUrlParameter = "";
            options.AccessDeniedPath = "/Location/Index/";
            options.LoginPath = "/Location/Index";
            options.LogoutPath = "/Location/Logout";
        });

        services.AddMvc(config =>
        {
            var policy = new AuthorizationPolicyBuilder()
                             .RequireAuthenticatedUser()
                             .Build();
            config.Filters.Add(new AuthorizeFilter(policy));
        });

When I visit an unauthorized page, I am redirected to http://localhost:54104/Location/Index?=%2FLocation%2FIndex%3F%3D%252FLocation%252FIndex%253F%253D%25252FLocation%25252FIndex%25253F%25253D%2525252FLocation%2525252FIndex%2525253F%2525253D%252525252FLocation%252525252FIndex%252525253F%252525253D%25252525252FLocation%25252525252FIndex%25252525253F%25252525253D%2525252525252FLocation%2525252525252FIndex%2525252525253F%2525252525253D%252525252525252FLocation%252525252525252FIndex%252525252525253F%252525252525253D%25252525252525252FLocation%25252525252525252FIndex%25252525252525253F%25252525252525253D%2525252525252525252FLocation%2525252525252525252FIndex%2525252525252525253F%2525252525252525253D%252525252525252525252FLocation%252525252525252525252FIndex%252525252525252525253F%252525252525252525253D%25252525252525252525252FLocation%25252525252525252525252FIndex%25252525252525252525253F%25252525252525252525253D%2525252525252525252525252FLocation%2525252525252525252525252FIndex%2525252525252525252525253F%2525252525252525252525253D%252525252525252525252525252FLocation%252525252525252525252525252FIndex%252525252525252525252525253F%252525252525252525252525253D%25252525252525252525252525252FLocation%25252525252525252525252525252FIndex%25252525252525252525252525253F%25252525252525252525252525253D%2525252525252525252525252525252FLocation%2525252525252525252525252525252FIndex%2525252525252525252525252525253F%2525252525252525252525252525253D%252525252525252525252525252525252FLocation%252525252525252525252525252525252FIndex%252525252525252525252525252525253F%252525252525252525252525252525253D%25252525252525252525252525252525252FLocation%25252525252525252525252525252525252FIndex%25252525252525252525252525252525253F%25252525252525252525252525252525253D%2525252525252525252525252525252525252FLocation%2525252525252525252525252525252525252FIndex%2525252525252525252525252525252525253F%2525252525252525252525252525252525253D%252525252525252525252525252525252525252FLocation%252525252525252525252525252525252525252FIndex%252525252525252525252525252525252525253F%252525252525252525252525252525252525253D%25252525252525252525252525252525252525252FLocation%25252525252525252525252525252525252525252FIndex

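which results in HTTP Error 404.15 - Not Found. The request filtering module is configured to deny a request where the query string is too long.

Why is all of this being appended to the path?

1 Answer:

Answer 0: (score: 0)

I had the same problem. It creates an infinite loop. You have to set the RedirectUri in the AuthenticationProperties object in your Index method (HttpPost). Like this: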

var auth = new AuthenticationProperties()
            {
                RedirectUri = "/index/shop"
            };

It might look like this:

[HttpPost]
    public async Task<IActionResult> Index(string id)
    {
        ILocationModel location = await _repo.GetLocation(id);
        var auth = new AuthenticationProperties()
            {
                RedirectUri = "/index/shop"
            };

        if (location != null)
        {
            var claims = new List<Claim> { new Claim(ClaimTypes.Name, location.id) };
            var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
            await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity));
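            // You have to create a ChallengeResult, otherwise it will be stuck there, and you send the user to where you want to
            // Scheme names are case-sensitive; the default cookie scheme is "Cookies", exposed as this constant.
            return new ChallengeResult(CookieAuthenticationDefaults.AuthenticationScheme, auth);
        }
        return new ChallengeResult(CookieAuthenticationDefaults.AuthenticationScheme, auth);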
    }

More information: https://dotnetcoretutorials.com/2017/09/16/cookie-authentication-asp-net-core-2-0/
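
Why the URL in the question keeps growing, as an added example (not code from the question, the answer or ASP.NET Core itself): each time the login page is itself challenged, the current URL is percent-encoded into the return-URL query value, so every `%` becomes `%25` and the query string grows until IIS request filtering rejects it with 404.15. `Challenge` and `NestingDepth` are hypothetical helpers that model this, and the 2048-byte limit is the IIS default, assumed here because the page does not show the site's configuration.

```csharp
using System;

// Added example: a model of the redirect chain, not the framework's code.
static class RedirectLoopDemo
{
    const string LoginPath = "/Location/Index";   // from the question's AddCookie options
    const string ReturnUrlParameter = "";         // from the question's AddCookie options
    const int IisMaxQueryString = 2048;           // assumed: IIS request filtering default

    // One challenge: the current path and query become the encoded return-URL value.
    public static string Challenge(string currentPathAndQuery) =>
        LoginPath + "?" + ReturnUrlParameter + "=" + Uri.EscapeDataString(currentPathAndQuery);

    // Peels the nested return URLs to count how often the login page challenged itself.
    // Useful when reading such a URL out of an access log.
    public static int NestingDepth(string pathAndQuery)
    {
        string prefix = LoginPath + "?" + ReturnUrlParameter + "=";
        int depth = 0;
        while (pathAndQuery.StartsWith(prefix, StringComparison.OrdinalIgnoreCase))
        {
            // UnescapeDataString removes exactly one layer: "%252F" becomes "%2F".
            pathAndQuery = Uri.UnescapeDataString(pathAndQuery.Substring(prefix.Length));
            depth++;
        }
        return depth;
    }

    static int QueryLength(string url) => url.Length - url.IndexOf('?') - 1;

    static void Main()
    {
        // The innermost value in the question's URL is /Location/Index itself.
        string url = Challenge("/Location/Index");
        int hops = 1;
        while (QueryLength(url) <= IisMaxQueryString)
        {
            url = Challenge(url);   // the login page is challenged again
            hops++;
        }
        Console.WriteLine($"query string passes {IisMaxQueryString} bytes after {hops} redirects");
        Console.WriteLine($"nesting depth recovered from the URL: {NestingDepth(url)}");
    }
}
```

A nesting depth above 1 in a logged login URL means the login path itself is being treated as requiring authentication.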