我自己只是在纠结这个问题，我得出的结论是，在最新版本的Microsoft.AspNetCore.Identity.EntityFrameworkCore" 依赖.

I was just wrestling with this myself and I've come to the conclusion that there seems to be an issue in the latest version of the "Microsoft.AspNetCore.Identity.EntityFrameworkCore" dependency.

我最初使用的是 1.1.0 版本，但经过大量调试、中间件日志记录等，我得出的结论是我没有做错任何事情.我检查了:

I was originally using version 1.1.0 but after lots of debugging, owin middleware logging etc, I came to the conclusion that I wasn't doing anything wrong. I checked:

• Authorize 属性起作用并阻止了请求

• 添加如下事件处理程序 (OnRedirectToLogin) 以验证重定向 URL(这仅用于调试)

• Authorize attribute worked and blocked the request

• Added event handlers (OnRedirectToLogin) as below to verify the redirect URL (this was only for debugging)

options.Cookies.ApplicationCookie.Events = new CookieAuthenticationEvents
{ 
    OnRedirectToLogin = evt => {
        evt.Response.Redirect(evt.RedirectUri); // this url is correct, but the redirect never happens!??
        return Task.FromResult(0);
    }
};     

分辨率:我将包回滚到版本 1.0.1，然后重定向按预期启动 - 到 LoginPath 设置中 Startup.cs 中定义的 URL

The resolution: I rolled back my package to the version 1.0.1 and then the redirects kicked in as expected - to the URL defined in Startup.cs in the LoginPath setting

options.Cookies.ApplicationCookie.LoginPath = new PathString("/Auth/Login");

澄清一下，这个版本有效:Microsoft.AspNetCore.Identity.EntityFrameworkCore": "1.0.1"

我将向 ASPNETCORE 团队提出一个关于 1.1.0 版本的错误以进行调查.

I'm going to raise a bug with the ASPNETCORE team for investigation as regards to the 1.1.0 version.