Início / user-12702326

Tutorial Hell Veteran's questions

Martin Hope
Tutorial Hell Veteran
Asked: 2023-08-20 05:57:54 +0800 CST
  • 6

Quero que o usuário acesse a página de privacidade somente se estiver logado, mas a autorização só funciona se eu entrar em uma conta e sair, não funciona quando executo o webapp no ​​início e tento entrar na página de privacidade devo faça login e saia para obter autorização para trabalhar. Tenho certeza de que tudo estava bem algumas horas atrás, então aqui está um código relevante:

Startup.cs:

    public void ConfigureServices(IServiceCollection services)
    {
        //db
        services.AddDbContext<TheAppContext>(options => options.UseSqlServer(Configuration.GetConnectionString("Myconnection")));
        //auth w/ cookies 
        services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
        .AddCookie(options =>
        {
            options.Cookie.Name = "MySessionCookie";
            options.LoginPath = "/LogUsers/Expired";
            options.SlidingExpiration = true;
        });
        //service 3/default
        services.AddControllersWithViews();
    }

    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
    public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
    {
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }
        else
        {
            app.UseExceptionHandler("/Home/Error");
            // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
            app.UseHsts();
        }

        app.UseHttpsRedirection();
        app.UseStaticFiles();
        app.UseAuthentication();

        app.UseRouting();

        var cookiePolicyOptions = new CookiePolicyOptions
        {
            MinimumSameSitePolicy = SameSiteMode.Strict,
            HttpOnly = Microsoft.AspNetCore.CookiePolicy.HttpOnlyPolicy.Always,
            Secure = CookieSecurePolicy.None,
        };
        app.UseCookiePolicy(cookiePolicyOptions);

        app.UseAuthorization();

        app.UseEndpoints(endpoints =>
        {
            endpoints.MapControllerRoute(
                name: "default",
                pattern: "{controller=Home}/{action=Index}/{id?}");
        });
    }

Métodos do controlador relevante

    [AllowAnonymous]
    [HttpPost]
    public async Task<IActionResult> Login(Users login) //login users
    {

        if(IsValidUser(login.Username, login.Password))
        {
            var claims = new List<Claim>
            {
                new Claim(ClaimTypes.Name, login.Username),
                new Claim(ClaimTypes.Role, "User"),
            };

            var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);

            var authProperties = new AuthenticationProperties
            {
                //The time at which the authentication ticket expires.
                //ExpiresUtc = DateTime.Now.AddMinutes(60),
            };
            
            await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme,
            new ClaimsPrincipal(claimsIdentity),
            authProperties);

            DisplayedUsername = "@" + login.Username;
            CanUserLogout = 1;

            return RedirectToAction("Index", "Home");
        }
        else
        {
            ViewBag.message = "Failed to login";
            return View();
        }
    }
    
    private bool IsValidUser(string username, string password)
    {
        var user = _context.Users.FirstOrDefault(u => u.Username == username && u.Password == password);

        if (user != null)
        {
            return true;
        }
        
        return false;
    }

    [Authorize]
    public async Task<ActionResult> Logout()
    {
        await HttpContext.SignOutAsync(
            CookieAuthenticationDefaults.AuthenticationScheme);
        CanUserLogout = 0;
        return RedirectToAction("Login", "Logusers");
    }

Método de ação de privacidade do controlador doméstico:

    [Authorize]
    public IActionResult Privacy()
    {

        return View();
    }

Qualquer ajuda será apreciada.

EDITAR - 1 Startup.csatualizado

public class Startup
{
    public Startup(IConfiguration configuration)
    {
        Configuration = configuration;
    }

    public IConfiguration Configuration { get; }

    // This method gets called by the runtime. Use this method to add services to the container.
    public void ConfigureServices(IServiceCollection services)
    {
        //db
        services.AddDbContext<TheAppContext>(options => options.UseSqlServer(Configuration.GetConnectionString("Myconnection")));
        //auth w/ cookies 
        services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
        .AddCookie(options =>
        {
            options.Cookie.Name = "MySessionCookie";
            options.LoginPath = "/LogUsers/Expired";
            options.SlidingExpiration = true;
        });

        //service 3/default
        services.AddControllersWithViews();
    }

    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
    public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
    {
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }
        else
        {
            app.UseExceptionHandler("/Home/Error");
            // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
            app.UseHsts();
        }

        app.UseHttpsRedirection();
        app.UseStaticFiles();

        var cookiePolicyOptions = new CookiePolicyOptions
        {
            MinimumSameSitePolicy = SameSiteMode.Strict,
            HttpOnly = Microsoft.AspNetCore.CookiePolicy.HttpOnlyPolicy.Always,
            Secure = CookieSecurePolicy.None,
        };

        app.UseCookiePolicy(cookiePolicyOptions);

        app.UseAuthentication();

        app.UseRouting();

        app.UseAuthorization();

        app.UseEndpoints(endpoints =>
        {
            endpoints.MapControllerRoute(
                name: "default",
                pattern: "{controller=Home}/{action=Index}/{id?}");
        });
    }
}
asp.net-core