更新时间:2023-02-24 10:19:04
我想我知道问题是什么在这里 - 尽管我不知道如何解决它,这样的文件是为asp.net身份有时混乱(
I think I know what the problem is here - although I'm not sure how to fix it, such is the mess of documentation for asp.net identity sometimes ;(
我有完全一样的症状。问题的关键是,你用一个 SecurityStampValidator
验证并重新创建(如果需要的话)你的cookie?
I had exactly the same symptoms. The key issue is, do you use a SecurityStampValidator
that verifies and recreates (if needed) your cookie?
我做的,而我被设定为非常频繁验证(从我Startup.auth):
I do, and mine is set to validate very frequently (from my Startup.auth):
Provider = new CookieAuthenticationProvider
{
// Enables the application to validate the security stamp when the user logs in.
// This is a security feature which is used when you change a password or add an external login to your account.
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, User, int>(
validateInterval: TimeSpan.FromMinutes(1),
regenerateIdentityCallback: (manager, user) =>
{
return user.GenerateUserIdentityAsync(manager);
},
getUserIdCallback: id => (int.Parse(id.GetUserId()))
),
},
所以假设你有类似code - 你怎么重建。简单 - 登录,打在你的应用程序页面,然后等待定义validateInterval失效 - 所以对我来说,等待1 minue。 1分钟后,注销。的景气的。我不会退出。
现在,这里的问题是,GenerateUserIdentiyAsync方法再现您的身份验证cookie,则signout发生之后。我已经验证了与记录 - 在 _authenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
在我注销等动作发生,然后Cookie会再生。卫生署。
Now, the issue here is that the GenerateUserIdentiyAsync method RECREATES your auth cookie, right after the signout has happened. I've verified that with logging - the _authenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
in my LogOff action is happening, and then the cookie gets regenerated. Doh.
如何修复 - 好明显的事情是增加validateInterval,但影响安全 - 如果有人登录到2台电脑,并更改其密码,我想这两个帐户被注销pretty快速 - 这是这是什么一样
How to fix - well the obvious thing is to increase the validateInterval, but that impacts security - If someone is logged on to 2 computers, and changes their password, I'd like both accounts to be logged out pretty swiftly - which is what this does.
所以,这是(可能)的原因。对不起,我不能提供一个很好的修复:(
So, that's (probably) the cause. Sorry I can't offer a nice fix :(