gpt4 book ai didi

c# - Microsoft 身份验证注销不起作用

转载 作者:行者123 更新时间:2023-12-03 22:29:29 25 4
gpt4 key购买 nike

已经为此抗争了 2 天……现在需要一些帮助。
我正在使用 Visual Studio 2019 中的 Razor Pages 使用 ASP.NET Core 3.1 开发一个项目。该项目具有本地帐户,可以注册其他外部帐户,如 Microsoft、Facebook 等。我遵循了有关 Microsoft 设置 Microsoft 文档的教程身份验证和登录工作正常时,注销不会清除 session 。
为了测试这个问题,我从头开始构建应用程序,没有修改,按照说明我仍然遇到同样的问题......注销不会重定向到 Microsoft 以注销。
经验:当我登录和/或注册帐户时,会在 dbo.AspNetUsers 数据表中创建。我可以毫无问题地使用我的 Microsoft 帐户登录,重定向工作等。当我注销时,我得到标准的 ASP.NET 注销页面,但没有 Microsoft 注销页面。现在当我返回并单击登录时,没有提示输入用户名/密码。这里的问题是,在具有多个用户的系统上,如果用户不清除 cookie 和历史记录,他们将获得对以前用户信息的访问权限……并且他们将无法登录,因为循环重复直到 cookie被手动清除。我不想使用新的 Azure AD 身份验证,因为它不适用于本地帐户,因此目前不适合我,因为它仍处于预览状态。
我的应用注册设置是:
重定向 URI

  • https://localhost:44323/
  • https://localhost:44323/signin-microsoft

  • 登出网址
  • https://localhost:44323/signout-oidc

  • 任何有助于注销的指针都会很棒。
    下面是我的代码示例(可以在 Microsoft Docs Microsoft Account Documentation 上找到):
    启动文件
    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Threading.Tasks;
    using Microsoft.AspNetCore.Builder;
    using Microsoft.AspNetCore.Identity;
    using Microsoft.AspNetCore.Identity.UI;
    using Microsoft.AspNetCore.Hosting;
    using Microsoft.AspNetCore.HttpsPolicy;
    using Microsoft.EntityFrameworkCore;
    using MSAuth.Data;
    using Microsoft.Extensions.Configuration;
    using Microsoft.Extensions.DependencyInjection;
    using Microsoft.Extensions.Hosting;

    namespace MSAuth
    {
    public class Startup
    {
    public Startup(IConfiguration configuration)
    {
    Configuration = configuration;
    }

    public IConfiguration Configuration { get; }

    // This method gets called by the runtime. Use this method to add services to the container.
    public void ConfigureServices(IServiceCollection services)
    {
    services.AddDbContext<ApplicationDbContext>(options =>
    options.UseSqlServer(
    Configuration.GetConnectionString("DefaultConnection")));
    services.AddDefaultIdentity<IdentityUser>(options => options.SignIn.RequireConfirmedAccount = true)
    .AddEntityFrameworkStores<ApplicationDbContext>();
    services.AddRazorPages();

    services.AddAuthentication().AddMicrosoftAccount(microsoftOptions =>
    {
    microsoftOptions.ClientId = Configuration["Authentication:Microsoft:ClientId"];
    microsoftOptions.ClientSecret = Configuration["Authentication:Microsoft:ClientSecret"];
    });
    }

    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
    public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
    {
    if (env.IsDevelopment())
    {
    app.UseDeveloperExceptionPage();
    app.UseDatabaseErrorPage();
    }
    else
    {
    app.UseExceptionHandler("/Error");
    // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
    app.UseHsts();
    }

    app.UseHttpsRedirection();
    app.UseStaticFiles();

    app.UseRouting();

    app.UseAuthentication();
    app.UseAuthorization();

    app.UseEndpoints(endpoints =>
    {
    endpoints.MapRazorPages();
    });
    }
    }
    }
    登出.cshtml.cs
    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Threading.Tasks;
    using Microsoft.AspNetCore.Authorization;
    using Microsoft.AspNetCore.Identity;
    using Microsoft.AspNetCore.Mvc;
    using Microsoft.AspNetCore.Mvc.RazorPages;
    using Microsoft.Extensions.Logging;

    namespace MSAuth.Areas.Identity.Pages.Account
    {
    [AllowAnonymous]
    public class LogoutModel : PageModel
    {
    private readonly SignInManager<IdentityUser> _signInManager;
    private readonly ILogger<LogoutModel> _logger;

    public LogoutModel(SignInManager<IdentityUser> signInManager, ILogger<LogoutModel> logger)
    {
    _signInManager = signInManager;
    _logger = logger;
    }

    public void OnGet()
    {
    }

    public async Task<IActionResult> OnPost(string returnUrl = null)
    {
    await _signInManager.SignOutAsync();
    _logger.LogInformation("User logged out.");
    if (returnUrl != null)
    {
    return LocalRedirect(returnUrl);
    }
    else
    {
    return RedirectToPage();
    }
    }
    }
    }

    _LoginPartial.cshtml
    @using Microsoft.AspNetCore.Identity
    @inject SignInManager<IdentityUser> SignInManager
    @inject UserManager<IdentityUser> UserManager

    <ul class="navbar-nav">
    @if (SignInManager.IsSignedIn(User))
    {
    <li class="nav-item">
    <a class="nav-link text-dark" asp-area="Identity" asp-page="/Account/Manage/Index" title="Manage">Hello @User.Identity.Name!</a>
    </li>
    <li class="nav-item">
    <form class="form-inline" asp-area="Identity" asp-page="/Account/Logout" asp-route-returnUrl="@Url.Page("/", new { area = "" })" method="post" >
    <button type="submit" class="nav-link btn btn-link text-dark">Logout</button>
    </form>
    </li>
    }
    else
    {
    <li class="nav-item">
    <a class="nav-link text-dark" asp-area="Identity" asp-page="/Account/Register">Register</a>
    </li>
    <li class="nav-item">
    <a class="nav-link text-dark" asp-area="Identity" asp-page="/Account/Login">Login</a>
    </li>
    }
    </ul>

    最佳答案

    看看这些
    http://www.binaryintellect.net/articles/3d6ce8b3-cb62-42b7-bedc-5e7f2fb9d017.aspx
    http://docs.identityserver.io/en/latest/topics/signout_external_providers.html
    看起来退出外部用户是你的责任......

    public IActionResult SignOut(string signOutType)
    {
    if (signOutType == "app")
    {
    HttpContext.SignOutAsync().Wait();
    }
    if (signOutType == "all")
    {
    return Redirect("https://login.microsoftonline.com/common/oauth2/v2.0/logout");
    }
    return RedirectToAction("Index");
    }

    关于c# - Microsoft 身份验证注销不起作用,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/63345114/

    25 4 0
    Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
    广告合作:1813099741@qq.com 6ren.com