任何人都可以检查下面的代码,让我知道为什么我总是假的(User.Identity.IsAuthenticated)??我正确地在浏览器上获取cookie
能够从Claim获得价值,但“User.Identity.IsAuthenticated”总是错误的.
能够从Claim获得价值,但“User.Identity.IsAuthenticated”总是错误的.
public async Task<IActionResult> Login(string phoneNumber,int otp,string returnUrl) { if (this.accountService.ValidateOTP(phoneNumber,otp)) { var claims = new List<Claim> { new Claim(ClaimTypes.MobilePhone,phoneNumber),new Claim(ClaimTypes.Name,phoneNumber) }; var userIdentity = new ClaimsIdentity(); userIdentity.AddClaims(claim); ClaimsPrincipal userPrincipal = new ClaimsPrincipal(userIdentity); await HttpContext.Authentication.SignOutAsync("MyCookieMiddlewareInstance"); await HttpContext.Authentication.SignInAsync("MyCookieMiddlewareInstance",userPrincipal,new AuthenticationProperties { ExpiresUtc = DateTime.UtcNow.AddMinutes(20),IsPersistent = false,AllowRefresh = false }); if (string.IsNullOrWhiteSpace(returnUrl)) { return RedirectToAction("Create","Ad"); } else { return Redirect(returnUrl); } } return BadRequest(); }
解决方法
当ClaimsIdentity.AuthenticationType为null或为空时,ClaimsIdentity.IsAuthenticated返回false.为避免这种情况,请停止使用无参数的ClaimsIdentity构造函数并使用接受authenticationType参数的重载:
var userIdentity = new ClaimsIdentity("Custom");