Home > Backend Development > C#.Net Tutorial > Detailed explanation of the coexistence solution for ASP.NET and ASP.NET Core user authentication cookies

Detailed explanation of the coexistence solution for ASP.NET and ASP.NET Core user authentication cookies

高洛峰
Release: 2017-02-20 17:13:03
Original
1539 people have browsed it

This article mainly introduces the detailed solution for the coexistence of ASP.NET and ASP.NET Core user authentication cookies. It has certain reference value and interested friends can refer to it.

When you migrate your existing user login (Sign In) site from ASP.NET to ASP.NET Core, you will face such a problem - how to connect ASP.NET and ASP.NET Core users Verify that cookies coexist and let ASP.NET applications and ASP.NET Core applications use their own cookies? Because ASP.NET uses FormsAuthentication, ASP.NET Core uses claims-based authentication, and their encryption algorithms are different.

The solution we adopted is to generate 2 Cookies respectively after successful login in ASP.NET Core and send them to the client at the same time.

Generating ASP.NET Core's claims-based authentication verification cookie is relatively simple. The sample code is as follows:

var claimsIdentity = new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.Name, loginName) }, "Basic");
var claimsPrincipal = new ClaimsPrincipal(claimsIdentity);
await context.Authentication.SignInAsync(_cookieAuthOptions.AuthenticationScheme,
  claimsPrincipal,
  new AuthenticationProperties
  {
    IsPersistent = isPersistent,
    ExpiresUtc = DateTimeOffset.Now.Add(_cookieAuthOptions.ExpireTimeSpan)
  });
Copy after login

Generating ASP.NET The FormsAuthentication-based authentication cookie is slightly more troublesome.

First create a Web API site with ASP.NET and generate cookies based on FormsAuthentication. The sample code is as follows:

public IHttpActionResult GetAuthCookie(string loginName, bool isPersistent)
{
  var cookie = FormsAuthentication.GetAuthCookie(loginName, isPersistent);
  return Json(new { cookie.Name, cookie.Value, cookie.Expires });
}
Copy after login

Then in ASP. NET Core login site to write a Web API client to obtain cookies. The sample code is as follows:

public class UserServiceAgent
{
  private static readonly HttpClient _httpClient = new HttpClient();
  public static async Task<Cookie> GetAuthCookie(string loginName, bool isPersistent)
  {
    var response = await _httpClient.GetAsync(url);
    response.EnsureSuccessStatusCode();
    return await response.Content.ReadAsAsync<Cookie>();
  }
}
Copy after login

Finally, after successful login to the ASP.NET Core login site The processing code specifically sends ASP.NET FormsAuthentication Cookies to the client. The sample code is as follows:

var cookie = await _userServiceAgent.GetAuthCookie(loginName, isPersistent);
var options = new CookieOptions()
{
  Domain = _cookieAuthOptions.CookieDomain,
  HttpOnly = true
};
if (cookie.Expires > DateTime.Now)
{
  options.Expires = cookie.Expires;
}
context.Response.Cookies.Append(cookie.Name, cookie.Value, options);
Copy after login

The above is the entire content of this article. I hope it will be useful to everyone. It is helpful, and I hope everyone will support the PHP Chinese website.

For more detailed explanations of ASP.NET and ASP.NET Core user authentication cookie coexistence solutions, please pay attention to the PHP Chinese website for related articles!

Related labels:
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template