
ASP.NET Core“记住我”持久 cookie 在部署后不起作用

  • Badozvora  · 技术社区  · 7 年前

    我已经构建了一个 ASP.NET Core MVC(.NET Framework)应用程序,并使用 Identity 进行登录。

    我试着检查cookie的过期日期是否设置好了,看起来还可以,而且在服务器机器上,cookie似乎设置得很好。 您可以在下图中看到我的cookies详细信息:

    enter image description here

    谁能帮我解决这个问题?

    根据 Orhun 的要求,我在下面添加了我的 Startup.cs 内容:

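    /// <summary>
    /// Application startup: builds the configuration, registers services and wires the
    /// HTTP request pipeline (session, Identity cookies, Google sign-in, MVC).
    /// </summary>
    public partial class Startup
    {
        public SymmetricSecurityKey signingKey;
    
        /// <summary>
        /// Builds <see cref="Configuration"/> from appsettings.json, the optional
        /// per-environment appsettings file, user secrets (Development only) and
        /// environment variables. Later sources override earlier ones.
        /// </summary>
        /// <param name="env">Hosting environment supplying the content root and environment name.</param>
        public Startup(IHostingEnvironment env)
        {
            var builder = new ConfigurationBuilder()
                .SetBasePath(env.ContentRootPath)
                .AddJsonFile("appsettings.json", optional: false, reloadOnChange: true)
                .AddJsonFile($"appsettings.{env.EnvironmentName}.json", optional: true);
    
            if (env.IsDevelopment())
            {
                // For more details on using the user secret store see https://go.microsoft.com/fwlink/?LinkID=532709
                builder.AddUserSecrets<Startup>();
            }
    
            // Added last so that deployment-time environment variables win over the JSON files.
            builder.AddEnvironmentVariables();
            Configuration = builder.Build();
        }
    
        /// <summary>Merged application configuration built in the constructor.</summary>
        public IConfigurationRoot Configuration { get; }
    
        /// <summary>
        /// This method gets called by the runtime. Use this method to add services to the container.
        /// </summary>
        /// <param name="services">Service collection to populate.</param>
        public void ConfigureServices(IServiceCollection services)
        {
    
            ///////////////////////////
            // Custom Services - START
            ///////////////////////////
    
            string conn = CreateConnectionString(Configuration.GetConnectionString("TiesseWebConnection"));
            services.AddScoped<System.Data.Entity.DbContext>((_) => new TiesseWeb.DAL.TiesseWebEntities(conn));  //Configuration["Data:DefaultConnection:ConnectionString"]));
    
    
            // SESSION section
            services.AddMemoryCache();
            services.AddDistributedMemoryCache();
            services.AddSession();
    
            services.AddSingleton<IConfiguration>(Configuration);   // IConfiguration explicitly
    
            // Add functionality to inject IOptions<T> (important for inject Config object)
            services.AddOptions();
    
    
            // Add our Config object so it can be injected
            services.Configure<Settings>(Configuration.GetSection("Settings"));
            // Add our Config object so it can be injected
            services.AddScoped<Settings>();
    
            services.AddScoped<Tiesse.Web.BL.TiesseWebManager>();
    
            ///////////////////////////
            // Custom Services - END
            ///////////////////////////
    
            // NOTE(review): no Data Protection configuration is registered here. Authentication cookies are
            // encrypted with the Data Protection key ring; if the host does not persist that key ring across
            // restarts, every previously issued "remember me" cookie becomes unreadable after a restart or
            // redeploy. Persisting the keys (services.AddDataProtection().PersistKeysToFileSystem(...)) to a
            // location with restricted access addresses that; it is not added here because the file's using
            // directives are not visible from this block.
    
            // Add framework services.
            services.AddDbContext<ApplicationDbContext>(options =>
                options.UseSqlServer(Configuration.GetConnectionString("TiesseWebConnection")));
    
    
            services.AddIdentity<ApplicationUser, ApplicationRole>(i =>
            {
                // NOTE(review): a 14-day interval means a changed password, removed claim or
                // "sign out everywhere" may not invalidate an existing cookie for up to 14 days.
                // Confirm that this revocation delay is acceptable.
                i.SecurityStampValidationInterval = TimeSpan.FromDays(14);
                //i.Cookies.ApplicationCookie.ExpireTimeSpan = TimeSpan.FromDays(14);
            })
            //services.AddIdentity<ApplicationUser, ApplicationRole>()//IdentityRole>()
              .AddEntityFrameworkStores<ApplicationDbContext, int>()
              .AddDefaultTokenProviders();
    
            services.AddMvc().AddJsonOptions(jsonOptions =>
            {
                jsonOptions.SerializerSettings.NullValueHandling = Newtonsoft.Json.NullValueHandling.Ignore;
            });
    
            // Add application services.
            services.AddTransient<IEmailSender, AuthMessageSender>();
            services.AddTransient<ISmsSender, AuthMessageSender>();
    
            // Adds Authorizations
            // Each policy only requires that a claim of the given type is present; the claim value is not checked.
            services.AddAuthorization(options =>
            {
                options.AddPolicy("Admin", policy => policy.RequireClaim("Admin"));
                options.AddPolicy("Admin-Utenti", policy => policy.RequireClaim("Admin-Utenti"));
                options.AddPolicy("Admin-Filiali", policy => policy.RequireClaim("Admin-Filiali"));
                options.AddPolicy("Admin-Reparti", policy => policy.RequireClaim("Admin-Reparti"));
                options.AddPolicy("GoogleDrive", policy => policy.RequireClaim("GoogleDrive"));
                options.AddPolicy("GoogleDrive-Gestione", policy => policy.RequireClaim("GoogleDrive-Gestione"));
                options.AddPolicy("GoogleDrive-Gestione-Struttura", policy => policy.RequireClaim("GoogleDrive-Gestione-Struttura"));
                options.AddPolicy("GoogleDrive-Consultazione", policy => policy.RequireClaim("GoogleDrive-Consultazione"));
                options.AddPolicy("Reports", policy => policy.RequireClaim("Reports"));
                options.AddPolicy("Reports-Test", policy => policy.RequireClaim("Reports-Test"));
            });
        }
    
        /// <summary>
        /// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        /// </summary>
        /// <param name="app">Application pipeline builder.</param>
        /// <param name="env">Hosting environment; selects developer vs. production error pages.</param>
        /// <param name="loggerFactory">Logger factory that receives the console and debug providers.</param>
        /// <exception cref="InvalidOperationException">The Google client id or secret is missing from configuration.</exception>
        public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
        {
            // Custom settings
            app.UseSession();
    
            //// configures Bearer token Authentication
            //ConfigureAuth(app);
            ///////////////////
    
    
            loggerFactory.AddConsole(Configuration.GetSection("Logging"));
            loggerFactory.AddDebug();
    
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
                app.UseDatabaseErrorPage();
                app.UseBrowserLink();
            }
            else
            {
                app.UseExceptionHandler("/Home/Error");
                //app.UseDeveloperExceptionPage();
                //app.UseDatabaseErrorPage();
                //app.UseBrowserLink();
            }
    
            app.UseStaticFiles();
    
            app.UseIdentity();
    
            // NOTE(review): UseIdentity() above already registers Identity's own cookie middleware. This
            // second cookie middleware runs under its own scheme, so the 30-day ExpireTimeSpan below
            // presumably does not govern the Identity sign-in cookie (see the commented-out
            // i.Cookies.ApplicationCookie line in ConfigureServices) - confirm which cookie is issued at login.
            // CookieSecurePolicy.Always also means this cookie is only ever sent over HTTPS.
            app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                //CookieName = "MyWebCookie",
                //CookieDomain = "http://devweb01:81",      // uncomment when deploy
                CookieHttpOnly = true,
                CookieSecure = CookieSecurePolicy.Always,
                ExpireTimeSpan = TimeSpan.FromDays(30),
                SlidingExpiration = true,
                AutomaticAuthenticate = true,
                AutomaticChallenge = true
                //AuthenticationScheme = "MyeWebCookie"
            });
    
            // The Google OAuth credentials are read from configuration instead of being compiled into the
            // assembly. User secrets only load in Development, but the constructor also adds environment
            // variables, so a deployed host can supply them that way (for example as
            // Authentication__Google__ClientId / Authentication__Google__ClientSecret).
            // The key names are example names chosen for this block; adjust them to the project's layout.
            var googleClientId = Configuration["Authentication:Google:ClientId"];
            var googleClientSecret = Configuration["Authentication:Google:ClientSecret"];
            if (string.IsNullOrEmpty(googleClientId) || string.IsNullOrEmpty(googleClientSecret))
            {
                // Fail at startup rather than running with a half-configured external login.
                throw new InvalidOperationException(
                    "Google authentication is enabled but Authentication:Google:ClientId / ClientSecret are not configured.");
            }
    
            app.UseGoogleAuthentication(new GoogleOptions()
            {
                ClientId = googleClientId,
                ClientSecret = googleClientSecret,
                AutomaticAuthenticate = true
                //SignInScheme = "MyWebCookie"
            });
    
            app.UseMvc(routes =>
            {
                routes.MapRoute(
                    name: "default",
                    template: "{controller=Home}/{action=Index}/{id?}");
            });
        }
    
        #region Methods
    
        /// <summary>
        /// Wraps an ADO.NET connection string in an Entity Framework connection string that uses the
        /// System.Data.SqlClient provider and the embedded TiesseWebDB model metadata.
        /// </summary>
        /// <param name="providerConnectionString">The ADO.NET (provider) connection string.</param>
        /// <returns>The composed Entity Framework connection string.</returns>
        public static string CreateConnectionString(string providerConnectionString)
        {
            var entityBuilder = new EntityConnectionStringBuilder();
    
            // use your ADO.NET connection string
            entityBuilder.ProviderConnectionString = providerConnectionString;
    
            entityBuilder.Provider = "System.Data.SqlClient";
    
            // Set the Metadata location.
            entityBuilder.Metadata = @"res://*/TiesseWebDB.csdl|res://*/TiesseWebDB.ssdl|res://*/TiesseWebDB.msl";
    
            return entityBuilder.ConnectionString;
        }
    
        #endregion
    }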
    
    1 回复  |  直到 7 年前
        1
  •   dantey89    7 年前

    我也面临同样的问题。我很长时间都没能解决这个问题。但几天前我找到了解决办法。正如您在评论中提到的,问题出在机器密钥(machine key)上。我不知道为什么,但应用程序每次重新启动时都会生成新的机器密钥。身份验证 cookie 是用这个密钥加密的,密钥一变,之前签发的“记住我”cookie 就无法再被解密,用户只能重新登录。所以解决这个问题的方法是强制应用程序使用固定的密钥。为此,您需要在 Startup 中添加如下代码:

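            /// <summary>
            /// Registers Data Protection with a fixed application name and a key ring persisted under the
            /// content root, so that keys (and the cookies encrypted with them) survive application restarts.
            /// </summary>
            /// <param name="services">Service collection to populate.</param>
            public void ConfigureServices(IServiceCollection services)
            {
                // NOTE(review): BuildServiceProvider() builds a separate, throwaway container just to resolve
                // IHostingEnvironment; where Startup's constructor already receives IHostingEnvironment,
                // keeping it in a field avoids the extra container.
                var environment = services.BuildServiceProvider().GetRequiredService<IHostingEnvironment>();

                // Path.Combine rather than a hard-coded '\' so the key directory also resolves on
                // hosts whose directory separator is not a backslash.
                var keyDirectory = new DirectoryInfo(Path.Combine(environment.ContentRootPath, "keys"));

                // The key files are written to disk without encryption at rest unless a key-protection
                // mechanism (e.g. ProtectKeysWithDpapi / ProtectKeysWithCertificate) is also configured.
                // Restrict the directory to the application's own account, keep it out of source control
                // and out of any folder that is served as static content.
                services.AddDataProtection()
                        .SetApplicationName($"my-app-{environment.EnvironmentName}")
                        .PersistKeysToFileSystem(keyDirectory);

                // ... remaining service registrations ...
            }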
    

    启动应用程序后,您会在“keys”文件夹中找到包含机器密钥的 xml 文件。请注意,该文件默认以未加密的形式保存密钥,应限制对该文件夹的访问权限,并且不要把它提交到源代码管理中。您可以找到更多详细信息 here