跳到主要内容

Cookie Login Logout

该示例展示cookie登入登出的相关代码

Startup.cs 配置

MemberController.cs

坑1:使用oauth2.0的方式做的单点登录,将SignOutAsync包装成接口给客户端调用,发现无效原因是使用的cookie验证,客户端调用时,并没有带上cookie,自然就没效,解决办法是从客户端直接跳到单点登录的logout页面

这个时候,浏览器会带上cookie,实现cookie的退出

public void ConfigureServices(IServiceCollection services)
{
...

// 添加cookie认证
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(m =>
{
m.LoginPath = "/member/login";
}
}

public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IOptions<SenparcWeixinSetting> senparcWeixinSetting, IOptions<SenparcSetting> senparcSetting)
{
...

// 注意这里,在UseAuthorization之前添加UseAuthentication
app.UseAuthentication();
app.UseAuthorization();
}
[AllowAnonymous]
public IActionResult Login([FromBody] loginArgsModel)
{

...

List<Claim> claims = new List<Claim>
{

new Claim(ClaimTypes.Name, user.username, ClaimValueTypes.String, null),
};

var userIdentity = new ClaimsIdentity("Form");
userIdentity.AddClaims(claims);


var principal = new ClaimsPrincipal(userIdentity);


await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, principal);

return Redirect("");
}

public IActionResult Logout(string returnUrl)
{
HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
if (string.IsNullOrEmpty(returnUrl) || returnUrl == "/member/logout") returnUrl = "/member";
return Redirect(returnUrl);
}