任何人都可以检查下面的代码,让我知道为什么我总是假的(User.Identity.IsAuthenticated)??我正确地在浏览器上获取cookie
能够从Claim获得价值,但“User.Identity.IsAuthenticated”总是错误的.
能够从Claim获得价值,但“User.Identity.IsAuthenticated”总是错误的.
public async Task<IActionResult> Login(string phoneNumber,int otp,string returnUrl)
{
if (this.accountService.ValidateOTP(phoneNumber,otp))
{
var claims = new List<Claim>
{
new Claim(ClaimTypes.MobilePhone,phoneNumber),new Claim(ClaimTypes.Name,phoneNumber)
};
var userIdentity = new ClaimsIdentity();
userIdentity.AddClaims(claim);
ClaimsPrincipal userPrincipal = new ClaimsPrincipal(userIdentity);
await HttpContext.Authentication.SignOutAsync("MyCookieMiddlewareInstance");
await HttpContext.Authentication.SignInAsync("MyCookieMiddlewareInstance",userPrincipal,new AuthenticationProperties
{
ExpiresUtc = DateTime.UtcNow.AddMinutes(20),IsPersistent = false,AllowRefresh = false
});
if (string.IsNullOrWhiteSpace(returnUrl))
{
return RedirectToAction("Create","Ad");
}
else
{
return Redirect(returnUrl);
}
}
return BadRequest();
}
解决方法
当ClaimsIdentity.AuthenticationType为null或为空时,ClaimsIdentity.IsAuthenticated返回false.为避免这种情况,请停止使用无参数的ClaimsIdentity构造函数并使用接受authenticationType参数的重载:
var userIdentity = new ClaimsIdentity("Custom");
