尝试使用具有 ASP.NET 身份的 cookie 身份验证登录时获取 HTTP 500

ASP.NET Core 2.2

我已经为这个问题搏斗了很长时间...

每当我尝试通过 HttpContext 登录或注销时，都会收到 HTTP 500 错误。

我已经搭建了身份并完成了我需要的更改，所以我或多或少地一对一地使用微软的GitHub代码。

---

我正在执行的操作已完成(登录/注销，更改密码)，但是RedirectToPage()调用仅返回HTTP 500错误。

我怀疑它必须与重新加载太快而不是等待 HttpContext 登录或身份验证有关？

我已经设法通过使用而不是RedirectToPage()来使登录工作Response.Redirect(returnUrl)

这是我的Startup.cs

public void ConfigureServices(IServiceCollection services)
{
// Add httpcontext service
services.AddHttpContextAccessor();
// Services identity depends on
services.AddScoped<IIdentityRepository, IdentityRepository>();
//services.AddOptions().AddLogging();
// Services used by identity
services.AddScoped<IUserStore, UserStore>();
services.AddScoped<IUserValidator, UserValidator>();
services.AddScoped<IPasswordValidator, PasswordValidator>();
services.AddScoped<IPasswordHasher, PasswordHasher>();
services.AddScoped<ILookupNormalizer, UpperInvariantLookupNormalizer>();
// No interface for the error describer so we can add errors without rev'ing the interface
services.AddTransient<IdentityErrorDescriber>();
services.AddScoped<UserManager>();
services.AddScoped<SignInManager>();
// Identity cookie paths
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(o =>
{
o.AccessDeniedPath = "/Identity/Account/AccessDenied";
o.LoginPath = "/Identity/Account/Login";
o.Cookie.HttpOnly = true;
});

// Require authorization on every page by default
// Allow areas and add an area to path
services.AddMvc(options =>
{
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
options.Filters.Add(new AuthorizeFilter(policy));
})
.SetCompatibilityVersion(CompatibilityVersion.Version_2_2)
.AddRazorPagesOptions(options =>
{
options.AllowAreas = true;
options.Conventions.AddAreaPageRoute("App", "/summary", "");
});
services.AddRouting(options => options.LowercaseUrls = true);
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseDatabaseErrorPage();
}
else
{
app.UseExceptionHandler("/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseCookiePolicy();
app.UseAuthentication();
app.UseMvc();
}

更改密码的剃刀页面示例： (正确输入正确的旧密码和新密码后，我收到HTTP 500错误)

public async Task<IActionResult> OnPostAsync () {
if (!ModelState.IsValid) {
return Page ();
}
var user = await _userManager.GetUserAsync (User);
if (user == null) {
return NotFound ($"Unable to load user with ID '{_userManager.GetUserId(User)}'.");
}
var changePasswordResult = await _userManager.ChangePasswordAsync (user, Input.OldPassword, Input.NewPassword);
if (!changePasswordResult.Succeeded) {
foreach (var error in changePasswordResult.Errors) {
ModelState.AddModelError (string.Empty, error.Description);
}
return Page ();
}
await _signInManager.RefreshSignInAsync (user);
//_logger.LogInformation("User changed their password successfully.");
StatusMessage = "Your password has been changed.";
return RedirectToPage(); // THIS PROBABLY CAUSING THE HTTP 500

}