长话短说:我已经创建了简单的webapi项目-.netCore 7.0-与cookie认证。每当我从外部客户端发出任何请求时,我只收到401早些时候,我有CORS的问题,但幸运的是,希望管理...
程序. cs代码:
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authorization;
using Microsoft.EntityFrameworkCore;
using NawiaAPI;
using Newtonsoft.Json;
using Newtonsoft.Json.Serialization;
using Services.DbContext;
using System.Globalization;
var config = new ConfigurationBuilder().AddEnvironmentVariables().Build();
var builder = WebApplication.CreateBuilder(args);
builder.Services.Configure<AppSettings>(config.GetSection("AppSettings"));
builder.Services.AddDbContext<NawiaDbContext>(dbContextOptions =>
dbContextOptions.UseMySql(XXX,ServerVersion.AutoDetect(XXX))
.LogTo(Console.WriteLine, LogLevel.Information)
.EnableSensitiveDataLogging()
.EnableDetailedErrors());
builder.Services.AddDistributedMemoryCache();
builder.Services.AddSession(options =>
{
options.IdleTimeout = TimeSpan.FromSeconds(10);
options.Cookie.HttpOnly = false;
options.Cookie.IsEssential = true;
});
builder.Services
.AddCors()
.AddResponseCompression()
.AddControllers()
.AddNewtonsoftJson(c =>
{
c.SerializerSettings.Formatting = Newtonsoft.Json.Formatting.Indented;
c.SerializerSettings.NullValueHandling = NullValueHandling.Ignore;
c.SerializerSettings.DateFormatHandling = DateFormatHandling.IsoDateFormat;
c.SerializerSettings.DateTimeZoneHandling = Newtonsoft.Json.DateTimeZoneHandling.Local;
c.SerializerSettings.Culture = new CultureInfo("en-US");
c.SerializerSettings.ContractResolver = new DefaultContractResolver();
});
builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(options =>
{
options.ExpireTimeSpan = TimeSpan.FromMinutes(20);
options.SlidingExpiration = true;
options.AccessDeniedPath = "/Forbidden/";
options.Events.OnRedirectToLogin = context =>
{
context.Response.StatusCode = 401;
return Task.CompletedTask;
};
});
builder.Services.Configure<CookiePolicyOptions>(options =>
{
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
});
builder.Services.AddAuthorization(options =>
{
options.AddPolicy("UserPolicy", policy => policy.RequireClaim("User"));
options.FallbackPolicy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
});
builder.Services.AddControllers().AddJsonOptions(options =>
{
options.JsonSerializerOptions.PropertyNamingPolicy = null;
options.JsonSerializerOptions.DictionaryKeyPolicy = null;
});
builder.Services.AddSwaggerGen();
var app = builder.Build();
if (app.Environment.IsDevelopment())
{
app.UseSwagger();
app.UseSwaggerUI();
}
app.UseHttpsRedirection();
app.UseRouting();
app.Use(async (context, next) =>
{
context.Response.Headers.Add("Access-Control-Allow-Origin", "*");
context.Response.Headers.Add("Access-Control-Allow-Headers", "Content-Type, Accept");
await next.Invoke();
});
app.UseCors(options => options
.AllowAnyHeader()
.AllowAnyMethod()
.WithOrigins("https://localhost:4200")
.AllowCredentials()
);
app.UseAuthentication();
app.UseAuthorization();
app.UseSession();
app.Run();控制器实现:
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Cors;
using Microsoft.AspNetCore.Mvc;
using Services;
using Services.DbContext;
namespace NawiaAPI.Controllers
{
[ApiController]
[Route("[controller]")]
public class AccountController : BaseController
{
private readonly AccountService _accountService;
public AccountController(NawiaDbContext dbContext, IConfiguration configuration) : base(dbContext, configuration)
{
_accountService = new AccountService(dbContext);
}
[AllowAnonymous]
[HttpPost("RegisterUser")]
public IActionResult RegisterUser([FromBody] Models.Dtos.Requests.RegisterNewUserRequest entity)
{
return _accountService.RegisterNewUser(entity) ? Ok(true) : BadRequest(false);
}
}
}错误样本:
> HttpErrorResponse {headers: HttpHeaders, status: 401, statusText:
> 'OK', url: 'https://localhost:7116/api/Account/RegisterUser', ok:
> false, …} error: null headers: HttpHeaders {normalizedNames: Map(0),
> lazyUpdate: null, lazyInit: ƒ} message: "Http failure response for
> https://localhost:7116/api/Account/RegisterUser: 401 OK" name:
> "HttpErrorResponse" ok: false status: 401 statusText: "OK" url:
> "https://localhost:7116/api/Account/RegisterUser"示例客户端方法(Angular ):
public Register() {
let t = this;
t.http.post<boolean>(t.State.webApiUrl + t.State.webApiCommandAccountRegisterUser, t.register_req).subscribe(res => {
console.log(res);
}
)
};
1条答案
按热度按时间lb3vh1jj1#
在我的本地测试后,我发现这是由OnRedirectToLogin和AllowAnonymous之间的冲突引起的。
测试我这边的代码:
概念
当客户端需要重定向到登录URL时调用。
Simple authorization in ASP.NET Core - AllowAnonymous
简单地说,如果未经授权的用户发送http请求,它将在OnRedirectToLogin方法中处理。它不会命中控制器中的方法,并获得401代码作为您以前的代码。在我的示例中,它允许您访问端点
/Account/RegisterUser,并且不执行任何操作,然后它将命中控制器中的方法。