我在Blazor中使用HttpContextAccessor编程注销时遇到问题。
我试图注销,但它什么也没做。我想要的只是删除浏览器中的一些cookie并重定向到主页,这样我就可以再次进入登录页面;我想通过使用httpcontext注销,我可以自动删除cookie,因为我已经注销了。
这是注销代码:
@page "/"
@* @inject IJSRuntime JSRuntime *@
@* @inherits FragmentNavigationBase *@
@using System.Security.Claims
@inject Microsoft.AspNetCore.Http.IHttpContextAccessor _httpContextAccessor
@inject NavigationManager NavigationManager
@using System;
@using System.Threading.Tasks;
@using Microsoft.AspNetCore.Authentication;
@using Microsoft.AspNetCore.Authentication.Cookies;
@inject Blazored.LocalStorage.ILocalStorageService localStorage
<Layout>
<div class="container">
<Bar
Breakpoint="Breakpoint.Desktop"
Background="Background.Light"
ThemeContrast="ThemeContrast.Light"
>
<div>
Booking Crew
</div>
<BarToggler />
<BarMenu>
<BarStart>
<BarItem>
<BarLink To="">Home</BarLink>
</BarItem>
<BarItem>
<BarDropdown>
<BarDropdownToggle>Report</BarDropdownToggle>
<BarDropdownMenu>
<BarDropdownItem><BarLink To="report_crews">Report Crew</BarLink></BarDropdownItem>
<BarDropdownItem><BarLink To="report_studio">Report Studio</BarLink></BarDropdownItem>
<BarDropdownItem><BarLink To="report_schedule">Report Schedule</BarLink></BarDropdownItem>
</BarDropdownMenu>
</BarDropdown>
</BarItem>
</BarStart>
</BarMenu>
Hai, @EmployeeName <span style="cursor: pointer;" @onclick="OnLogOut"> Logout</span>
</Bar>
</div>
</Layout>
@code{
public string EmployeeName {get;set;}
public string Email {get;set;}
public string Nik {get;set;}
public string NikLama {get;set;}
protected override void OnInitialized()
{
var name = _httpContextAccessor.HttpContext.User.FindFirst(ClaimTypes.Name).Value;
name = name.ToString().ToLower();
EmployeeName = name.Remove(1).ToUpper() + name.Substring(1);
Email = _httpContextAccessor.HttpContext.User.FindFirst(ClaimTypes.Email).Value;
Nik = _httpContextAccessor.HttpContext.User.FindFirst(c => c.Type == "urn:T7SSO:nik")?.Value;
NikLama = _httpContextAccessor.HttpContext.User.FindFirst(c => c.Type == "urn:T7SSO:nik_lama")?.Value;
var test = _httpContextAccessor.HttpContext.User.FindFirst(c => c.Type == "urn:T7SSO:nik")?.Value;;
Console.WriteLine(test);
}
protected void OnLogOut()
{
_httpContextAccessor.HttpContext.SignOutAsync(
CookieAuthenticationDefaults.AuthenticationScheme);
NavigationManager.NavigateTo("/");
}
}
我认为使用signoutAsync就足以让用户注销,但当我点击注销时,什么都没有发生。我该如何解决?
Blazor服务器使用SignalR,这意味着在Startup.Configure运行完其进程后,您将无法再安全地访问HttpContext,即从您的组件访问。
此外,出于安全原因,您不得在Blazor应用程序中使用IHttpContextAccessorBlazor应用程序在ASP.NET Core管道的上下文之外运行。HttpContext不能保证在IHttpContextAccessor中可用,也不能保证它包含启动Blazor应用程序的上下文。
如果需要删除cookie,请导航到可以由HttpContext有效的代码(如Controller或中间件(处理的注销URL。
如果您只需要简单的注销功能,请使用中间件,避免添加对AddControllers和MapControllers的调用。下面是一个使用内联中间件的示例:
public void Configure(IApplicationBuilder app) {
// ...
app.Use(async (context, next) => {
// ^^^^^^^ the HttpContext
if (context.Request.Path
.Equals("/Logout", System.StringComparison.OrdinalIgnoreCase))
{
// Remove cookie, redirect to landing, and any other logout logic
}
await next();
});
// ...
}
如果采用这种方法,可以考虑创建一个自定义中间件类。