我有一个ASP.NET Core Web应用程序,我正在使用Authorize属性来装饰一些控制器操作方法。
因此,当我没有登录时,它不会进行任何重定向,只显示该控制器操作的空白页面。我已经完成了几个教程,他们谈论了Cookie身份验证。 下面是我在Startup.cs中的Configure方法。
public void Configure(IApplicationBuilder app, IHostingEnvironment env,
ILoggerFactory loggerFactory)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
app.UseApplicationInsightsRequestTelemetry();
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationScheme = "MainCookie",
LoginPath = "/Login",
AccessDeniedPath = "/Home/Forbidden/",
AutomaticAuthenticate = true,
AutomaticChallenge = false
});
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationScheme = "ExternalCookie",
AutomaticAuthenticate = false,
AutomaticChallenge = false
});
app.UseGoogleAuthentication(new GoogleOptions()
{
ClientId = "*****",
ClientSecret = "*****",
SignInScheme = "ExternalCookie"
});
app.UseFacebookAuthentication(new FacebookOptions()
{
SignInScheme = "ExternalCookie",
AppId = "AppId",
AppSecret = "AppSecret"
});
app.UseLinkedInAuthentication(new LinkedInOptions()
{
SignInScheme = "ExternalCookie",
ClientId = "*****",
ClientSecret = "*****",
ProfileScheme = LinkedInDefaults.ProfileLoadFormat.AppDefined
});
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseBrowserLink();
}
else
{
app.UseExceptionHandler("/Home/Error");
}
app.UseApplicationInsightsExceptionTelemetry();
app.UseStaticFiles();
app.UseSession();
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller=Home}/{action=Index}/{id?}");
});
}
我的行动,
[Authorize]
[HttpGet("/questions/ask", Name = "askquestions")]
public IActionResult Ask()
答案 0 :(得分:0)
如果用户未经过身份验证,您似乎会看到登录页面由于您将AutomaticChallenge属性配置为false,因此您不会重定向到登录页面。此行为是设计使然。更多详情here