Aspnet核心身份甚至在启动时定义的HTTP甚至UseHttpsRedirection

时间:2019-02-15 12:41:22

标签: asp.net-core asp.net-identity

在Aspnet Core 2.1中安装了身份区域。这个启动类:

    public Startup(IConfiguration configuration)
    {
        Configuration = configuration;
    }

    public IConfiguration Configuration { get; }

    // This method gets called by the runtime. Use this method to add services to the container.
    public void ConfigureServices(IServiceCollection services)
    {
        // AppSettings.json
        //
        services.Configure<AppSettings>(Configuration.GetSection("ProvidersSettings"));

        // IdentityUser settings
        //
        services.Configure<IdentityOptions>(options =>
        {
            // Lockout settings.
            options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(5);
            options.Lockout.MaxFailedAccessAttempts = 5;
            options.Lockout.AllowedForNewUsers = true;

            // User settings.
            options.User.AllowedUserNameCharacters =
            "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-._@+";
            options.User.RequireUniqueEmail = true;
        });

        services.Configure<CookiePolicyOptions>(options =>
        {
            // This lambda determines whether user consent for non-essential cookies is needed for a given request.
            options.CheckConsentNeeded = context => false;
            options.MinimumSameSitePolicy = SameSiteMode.None;
        });

        services.AddDbContext<ApplicationDbContext>(options =>
            options.UseSqlServer(
                Configuration.GetConnectionString("DefaultConnection")));

        services.AddDefaultIdentity<IdentityUser>()
            .AddRoles<IdentityRole>()
            .AddEntityFrameworkStores<ApplicationDbContext>();

        services.AddMvc(options =>
        {
            // All MvcControllers are hereby "Authorize". Use AllowAnonymous to give anon access
            //
            var policy = new AuthorizationPolicyBuilder().RequireAuthenticatedUser().Build();

            options.Filters.Add(new AuthorizeFilter(policy));
            options.Filters.Add(new AutoValidateAntiforgeryTokenAttribute());
        });

        // IdentityModel
        //
        services.AddSingleton<IDiscoveryCache>(r =>
        {
            var url = Configuration["ProvidersSettings:IdentityServerEndpoint"];

            var factory = r.GetRequiredService<IHttpClientFactory>();
            return new DiscoveryCache(url, () => factory.CreateClient());
        });

        // HttpContext injection
        //
        services.AddHttpContextAccessor();

    }

    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
    public void Configure(IApplicationBuilder app, IHostingEnvironment env, UserManager<IdentityUser> userManager, ApplicationDbContext dbContext)
    {

        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
            app.UseDatabaseErrorPage();
        }
        else
        {
            app.UseExceptionHandler("/Home/Error");
            app.UseHsts();
        }

        app.UseHttpsRedirection();
        app.UseStaticFiles();
        app.UseCookiePolicy();

        app.UseAuthentication();

        app.UseMvc(routes =>
        {
            routes.MapRoute(
                name: "default",
                template: "{controller=Home}/{action=Index}/{id?}");
        });
    }
}

它正在开发中。但是在生产中,它不会停留在 https 上。它将重定向到 http 和以下路径:

  

/ Identity / Account / Login?ReturnUrl =%2F

在localhost上,它可以与IIS Express和“程序”一起正常使用。

任何想法都是最有帮助的。谢谢。

0 个答案:

没有答案