我有两套登录,一套用于管理员(admin),一套用于普通用户。我在管理员的控制器操作上加了 [Authorize(Policy = "RequireAdministratorRole", AuthenticationSchemes = "AdminScheme")],
但管理员登录之后,尽管已经登录,访问该操作时仍会被再次重定向到登录页面。
这是什么问题?是 AuthenticationSchemes 引起的吗?
控制器操作:
/// <summary>
/// Renders the default view for this controller action.
/// </summary>
/// <remarks>
/// Access requires the "RequireAdministratorRole" policy, and the caller's identity is
/// read only from the "AdminScheme" authentication handler. A sign-in performed under
/// any other scheme is not considered here, so such a caller is challenged as if
/// unauthenticated.
/// NOTE(review): confirm that the admin login actually issues the "AdminScheme" cookie;
/// if it signs in under a different scheme, this action will keep challenging.
/// </remarks>
/// <returns>The view result for this action.</returns>
[Authorize(AuthenticationSchemes = "AdminScheme", Policy = "RequireAdministratorRole")]
public IActionResult Index() => View();
Startup.cs:
/// <summary>
/// Called by the runtime to add services to the container: cookie policy, the EF Core
/// database context, ASP.NET Core Identity, two named cookie authentication schemes,
/// the administrator authorization policy, and MVC.
/// </summary>
/// <param name="services">The service collection to register into.</param>
public void ConfigureServices(IServiceCollection services)
{
    services.Configure<CookiePolicyOptions>(cookiePolicy =>
    {
        // Consent for non-essential cookies is required on every request.
        cookiePolicy.CheckConsentNeeded = httpContext => true;

        // NOTE(review): with SameSiteMode.None as the minimum, the cookie policy imposes
        // no SameSite floor; cross-site request protection then rests on each cookie's
        // own settings and on antiforgery tokens. Confirm this is intended.
        cookiePolicy.MinimumSameSitePolicy = SameSiteMode.None;
    });

    services.AddDbContext<ApplicationDbContext>(db =>
        db.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));

    // NOTE(review): AddIdentity registers Identity's own cookie schemes, and
    // SignInManager signs users in under IdentityConstants.ApplicationScheme. Neither
    // "PublicScheme" nor "AdminScheme" below receives a cookie from SignInManager.
    var identity = services.AddIdentity<User, IdentityRole>();
    identity.AddEntityFrameworkStores<ApplicationDbContext>();

    // The default scheme name passed here (CookieAuthenticationDefaults.AuthenticationScheme)
    // matches neither of the two cookie handlers registered below.
    var authentication = services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme);

    authentication.AddCookie("PublicScheme", publicCookie =>
    {
        // Essential cookies are exempt from the consent check configured above.
        publicCookie.Cookie.IsEssential = true;
        publicCookie.LoginPath = "/Identity/Account/Login";
        publicCookie.LogoutPath = "/Identity/Account/Logout";
    });

    authentication.AddCookie("AdminScheme", adminCookie =>
    {
        adminCookie.Cookie.IsEssential = true;
        // An unauthenticated challenge under "AdminScheme" redirects to this path.
        adminCookie.LoginPath = "/Identity/Account/LoginAdmin";
        adminCookie.LogoutPath = "/Identity/Account/Logout";
    });

    services.AddAuthorization(authorization =>
        authorization.AddPolicy("RequireAdministratorRole", policy =>
        {
            // The policy evaluates only the identity produced by "AdminScheme" and then
            // requires the "Admin" role on it.
            policy.AddAuthenticationSchemes("AdminScheme");
            policy.RequireRole("Admin");
        }));

    var mvc = services.AddMvc();
    mvc.SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
}
登录页面:
/// <summary>
/// Handles the login form post: validates the model, attempts a password sign-in and
/// returns the redirect or page that matches the outcome.
/// </summary>
/// <param name="returnUrl">Where to send the user after a successful sign-in; defaults to the site root.</param>
/// <returns>
/// A local redirect on success, a redirect to the two-factor or lockout page when the
/// sign-in result asks for it, otherwise the login page again.
/// </returns>
public async Task<IActionResult> OnPostAsync(string returnUrl = null)
{
    if (returnUrl == null)
    {
        returnUrl = Url.Content("~/");
    }

    if (!ModelState.IsValid)
    {
        // Validation failed, so redisplay the form.
        return Page();
    }

    // lockoutOnFailure: true makes failed password attempts count towards account lockout.
    // NOTE(review): SignInManager issues the Identity application cookie
    // (IdentityConstants.ApplicationScheme). Nothing in this handler signs in under
    // "AdminScheme" or "PublicScheme", so an action restricted to one of those schemes
    // would still treat the caller as unauthenticated. Confirm which scheme is intended
    // and sign in to it explicitly if so.
    var signIn = await _signInManager.PasswordSignInAsync(
        Input.Email,
        Input.Password,
        Input.RememberMe,
        lockoutOnFailure: true);

    if (signIn.Succeeded)
    {
        _logger.LogInformation("User logged in.");

        // LocalRedirect accepts only local URLs, which keeps a caller-supplied
        // returnUrl from becoming an open redirect.
        return LocalRedirect(returnUrl);
    }

    if (signIn.RequiresTwoFactor)
    {
        return RedirectToPage("./LoginWith2fa", new { ReturnUrl = returnUrl, RememberMe = Input.RememberMe });
    }

    if (signIn.IsLockedOut)
    {
        _logger.LogWarning("User account locked out.");
        return RedirectToPage("./Lockout");
    }

    // The same generic message is used for every other failure.
    ModelState.AddModelError(string.Empty, "Invalid login attempt.");
    return Page();
}
我希望使用 "AdminScheme" 对管理员进行身份验证,并使用 "PublicScheme" 对普通用户进行身份验证。