成功登录后，ASP.NET Core Razor页面Cookie身份验证将重定向到登录页面

Question

我紧随文章Use cookie authentication without ASP.NET Core Identity，并从2.x/Cookies下载了示例。

在VS 2017中运行该示例。按照文档中的说明并从代码（受保护的代码）中打开“联系”页面，使用简单的字符串比较使用代码中经过身份验证的凭据登录，并在调试后登录，这意味着它将添加带有声明的用户主体，但会重定向回登录页面而不是联系页面。

配置服务：

        services.Configure<CookiePolicyOptions>(options =>
        {
            options.CheckConsentNeeded = context => true;
            options.MinimumSameSitePolicy = SameSiteMode.None;
        });

        services.AddMvc()
        .AddRazorPagesOptions(options =>
        {
             options.Conventions.AuthorizePage("/Contact");
        })
        .SetCompatibilityVersion(CompatibilityVersion.Version_2_1);

        #region snippet1   
        services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
                .AddCookie(options => options.ExpireTimeSpan = new System.TimeSpan(0, 10, 0));
        #endregion

        services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();

配置

        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
            app.UseDatabaseErrorPage();
        }
        else
        {
            app.UseExceptionHandler("/Error");
            app.UseHsts();
        }

        app.UseHttpsRedirection();
        app.UseStaticFiles();
        app.UseCookiePolicy();

        // Call UseAuthentication before calling UseMVC.
        #region snippet2
        app.UseAuthentication();
        #endregion

        app.UseMvc();

身份验证

            #region snippet1
            var claims = new List<Claim>
            {
                new Claim(ClaimTypes.Name, user.Email),
                new Claim("FullName", user.FullName),
                new Claim(ClaimTypes.Role, "Administrator"),
            };

            var claimsIdentity = new ClaimsIdentity(
                claims, CookieAuthenticationDefaults.AuthenticationScheme, ClaimTypes.Name, ClaimTypes.Role);

            var authProperties = new AuthenticationProperties
            {
                AllowRefresh = true,
                // Refreshing the authentication session should be allowed.

                ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(10),
                // The time at which the authentication ticket expires. A 
                // value set here overrides the ExpireTimeSpan option of 
                // CookieAuthenticationOptions set with AddCookie.

                IsPersistent = true,
                // Whether the authentication session is persisted across 
                // multiple requests. Required when setting the 
                // ExpireTimeSpan option of CookieAuthenticationOptions 
                // set with AddCookie. Also required when setting 
                // ExpiresUtc.

                //IssuedUtc = <DateTimeOffset>,
                // The time at which the authentication ticket was issued.

                //RedirectUri = <string>
                // The full path or absolute URI to be used as an http 
                // redirect response value.
            };

            await HttpContext.SignInAsync(
                CookieAuthenticationDefaults.AuthenticationScheme, 
                new ClaimsPrincipal(claimsIdentity),
                authProperties);
            #endregion

，然后我重定向到联系人页面，但又回到登录页面。

Answer 1

在对此项目进行测试之后，我可以重现您的Chrome问题，它可以与Edge一起使用。

要使其与Chrome兼容，您可以转到launchSettings.json并将sslPort的{​​{1}}更改为iisExpress，而不是44344。