search

aspnet / Identity

[Archived] ASP.NET Core Identity is the membership system for building ASP.NET Core web applications, including membership, login, and user data. Project moved to https://github.com/aspnet/AspNetCore
Apache License 2.0
1.96k stars 869 forks source link

Need assistance to investigate why RazorPageBase.User doesn't contain logged-in user identity #1930

Closed slavanap closed 6 years ago

slavanap commented 6 years ago

I thought it was cookies issue at the beginning, but it's not. I'm running .NET Core MVC application as a console application, I register identity&auth with code snippet at the end of the message. My issue is that User variable in MVC view doesn't contain user identity after successful user SignIn (_signInManager.PasswordSignInAsync(...).Succeeded is true).

RazorPageBase.User is not Authenticated after successful sign-in. How to fix this? Tried with Chrome & Firefox. Debug looks like this: 2018-08-19

My Startup.cs. The app was originally migrated from netcore2.0 to netcore2.1, but I don't like new app template where you can't customize Identity pages, that's why I want to keep them, if possible.

using System;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Identity;
using Microsoft.EntityFrameworkCore;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using CoreApp.Data;
using CoreApp.Models;
using CoreApp.Services;
using FirebirdSql.EntityFrameworkCore.Firebird.Extensions;
using System.Text;
using Microsoft.AspNetCore.Http;

namespace CoreApp {

    public class Startup
    {
        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;
        }

        public IConfiguration Configuration { get; }

        // This method gets called by the runtime. Use this method to add services to the container.
        public void ConfigureServices(IServiceCollection services)
        {
            Encoding.RegisterProvider(CodePagesEncodingProvider.Instance);
            services.AddEntityFrameworkNpgsql().AddDbContext<ApplicationDbContext>(
                opt => opt.UseNpgsql(Configuration.GetConnectionString("Main"), o => o.UseNetTopologySuite()));
            services.AddEntityFrameworkNpgsql().AddDbContext<NominatimContext>(
                opt => opt.UseNpgsql(Configuration.GetConnectionString("Nominatim")));

            services.AddIdentityCore<ApplicationUser>(options => {
                options.Password.RequireDigit = false;
                options.Password.RequiredLength = 4;
                options.Password.RequireLowercase = false;
                options.Password.RequireNonAlphanumeric = false;
                options.Password.RequireUppercase = false;
                options.SignIn.RequireConfirmedEmail = false;
                options.SignIn.RequireConfirmedPhoneNumber = false;
            })
               .AddRoles<IdentityRole>()
               .AddEntityFrameworkStores<ApplicationDbContext>()
               .AddSignInManager()
               .AddDefaultTokenProviders();
            services.AddAuthentication().AddIdentityCookies(builder => {
                builder.ApplicationCookie.Configure(options => {
                    options.Cookie.HttpOnly = false;
                    options.Cookie.SameSite = SameSiteMode.None;
                });
            });

            services.AddMvc();

            // Add application services.
            services.AddTransient<IEmailSender, EmailSender>();
            services.AddSingleton<Tracker>();
        }

        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IHostingEnvironment env, IApplicationLifetime applicationLifetime, IServiceProvider provider)
        {
            if (env.IsDevelopment()) {
                //app.UseBrowserLink();
                app.UseDeveloperExceptionPage();
                app.UseDatabaseErrorPage();
            }
            else {
                app.UseExceptionHandler("/Home/Error");
            }

            app.UseStaticFiles();
            app.UseAuthentication();

            app.UseMvc(routes => {
                routes.MapRoute(
                    name: "default",
                    template: "{controller=Home}/{action=Index}/{id?}");
            });

            if (!env.IsDevelopment()) {
                using (var scope = app.ApplicationServices.GetService<IServiceScopeFactory>().CreateScope()) {
                    scope.ServiceProvider.GetRequiredService<ApplicationDbContext>().Database.Migrate();
                }
            }
            Task.Run(() => app.ApplicationServices.GetService<Tracker>().RunAsync(7331, applicationLifetime.ApplicationStopping));
        }
    }
}
slavanap commented 6 years ago

Looks like HTTPS is forced for any authentication available and there's no option to provide user accounts via simple HTTP.

slavanap commented 6 years ago

I've replaced Manage & Account controllers with AddDefaultIdentity and it started to work again.