如何解决在ASP.NET Core 3.1中的动作过滤器中,会话始终为null
我试图在会话中设置一个值,然后想在动作过滤器中检索它,尝试通过actionContext访问,但仍获取空的会话值,无法弄清楚我在哪里做错了。在我的身份验证控制器中,我要在验证用户凭据后设置会话值。
public class AuthController : Controller {
private IHttpContextAccessor httpContextAccessor { get; }
public AuthController (IHttpContextAccessor contextAccessor)
{
httpContextAccessor = contextAccessor;
}
private async Task<IActionResult> Login(signIn objDto){
// Some Authenticate Code and token generation
var claims = new[]
{
new Claim(ClaimTypes.NameIdentifier,user.Id.ToString()),new Claim(ClaimTypes.Name,user.Username)
};
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config.GetSection("Jwt:TokenSecretKey").Value));
var creds = new SigningCredentials(key,SecurityAlgorithms.HmacSha512Signature);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),Expires = DateTime.Now.AddDays(1),SigningCredentials = creds
};
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.WriteToken(tokenHandler.CreateToken(tokenDescriptor));
httpContextAccessor.HttpContext.Session.SetString("token",token);
//return Ok result with token
}
}
但是在任何下一次调用中都无法通过onActionExecuting方法访问它。
public class WebAPIActionFilterHelper : ActionFilterAttribute
{
private IHttpContextAccessor httpContextAccessor { get; }
public WebAPIActionFilterHelper(IHttpContextAccessor contextAccessor)
{
httpContextAccessor = contextAccessor;
}
public override void OnActionExecuting(ActionExecutingContext actionContext)
{
if (actionContext.Controller.GetType().Name == "AuthController")
return;
// Always return null session
var token = httpContextAccessor.HttpContext.Session.GetString("token");
if (token == null){
actionContext.Result = new UnauthorizedResult();}
base.OnActionExecuting(actionContext);
}
}
以下是我的启动课程
public class Startup
{
public IConfiguration Configuration { get; }
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddDbContext<DataContext>(x => x.UseSqlite(Configuration.GetConnectionString("DefaultConnection")));
services.AddControllers(x => x.Filters.Add(typeof(WebAPIActionFilterHelper))).
AddJsonOptions(o =>
{
o.JsonSerializerOptions.MaxDepth = 999999999;
});
services.AddAutoMapper(typeof(Startup));
services.AddCors();
services.AddHttpContextAccessor();
services.AddScoped<IAuthRepository,AuthRepository>();
services.AddAuthorization();
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(opt =>
{
opt.TokenValidationParameters = new TokenValidationParameters
{
ValidateLifetime = true,ValidateIssuerSigningKey = true,IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration.GetSection("Jwt:TokenSecretKey").Value)),ValidateIssuer = true,ValidateAudience = true,ValidIssuer = Configuration["Jwt:Issuer"],ValidAudience = Configuration["Jwt:Issuer"],};
});
services.AddDistributedMemoryCache();
services.AddSession(opt =>
{
opt.IdleTimeout = TimeSpan.FromMinutes(10);
});
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app,IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseCors(x => x.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader());
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseSession();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});
}
}
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。
