更新时间:2023-02-15 08:28:37
那是因为 AddIdentity
为应用程序本身注册了默认的基于 Cookie 的身份验证方案,外部登录(例如 Facebook 和 Google) 和 2FA .如果您将 services.AddIdentity
放在 AddJwtBearer
配置下方,它将重置默认架构,为避免这种情况,您可以将身份配置放在jwt承载配置:
That is because AddIdentity
registers the default Cookie-based authentication schemes for the application itself, external sign-in (e.g. Facebook and Google), and 2FA . It will reset the default schema if you put services.AddIdentity<IdentityUser, IdentityRole>()
below the AddJwtBearer
config , to avoid this , you can put the identity config above the jwt bearer config :
services
.AddIdentity<IdentityUser, IdentityRole>()
.AddEntityFrameworkStores<ApplicationDbContext>().AddDefaultTokenProviders().AddDefaultUI();
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(options =>
{
....
});
使用 AddIdentityCore
有效,因为它不会注册默认的基于 Cookie 的身份验证方案,请参阅 AddIdentity vs AddIdentityCore 了解更多详情.
Use AddIdentityCore
works because it won't registers the default Cookie-based authentication schemes , see AddIdentity vs AddIdentityCore for more details.