我已经尽了一切可能,但仍然无法注销当前用户。目前我有以下代码:
_authenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
string sKey = (string)HttpContext.Current.Session["user"];
string sUser = Convert.ToString(HttpContext.Current.Cache[sKey]);
HttpContext.Current.Cache.Remove(sUser);
HttpContext.Current.Session.Clear();
HttpContext.Current.Response.Cookies.Clear();
HttpContext.Current.Request.Cookies.Clear();
HttpContext.Current.Session.Abandon();
在此之后,会话仍然未被清除。有什么想法吗?
身份验证启动:
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login")
});
登录代码:
public override ApplicationUser Handle([NotNull]LoginCommand command)
{
var user = _userManager.Find(command.Login, command.Password);
if (user == null)
{
throw new RentalApplicationValidationException("No valid login");
}
_authenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
var identity = _userManager.CreateIdentity(user, DefaultAuthenticationTypes.ApplicationCookie);
_authenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = false }, identity);
return user;
}
您需要在AuthenticationManager中调用SignOut,我看到您在上面尝试,但您是从Owin context 获得的吗
请在代码末尾尝试以下操作。
var authetication = HttpContext.Current.GetOwinContext().Authentication;
authentication.SignOut();
另一种方法是通过-1设置年份来清除cookie(我再次看到你在上面尝试过,但只使用AuthCookie)。。当你Session.Abandon()时,cookie似乎仍然存在,与FormsAuthentication.SignOut()相同。。在代码末尾尝试这样的操作:
HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, "");
authCookie.Expires = DateTime.Now.AddYears(-1);
Response.Cookies.Add(authCookie);
您需要调用
HttpContext.GetOwinContext().Authentication.SignOut(DefaultAuthenticationTypes.ApplicationCookie);