在Azure中使用ASP.NET Core在Redis中保存用戶會話

Question

我正在使用redis緩存在我的項目中保存一些內容。

我正在使用Azure（WebApp），當我在預生產環境與生產之間進行交換時，用戶會話丟失，他需要重新登錄我的網頁。

我使用Identity 3.0，使用UseCookieAuthentication。我想在Redis中存儲「會話」，以便在交換時解決我的問題。

我沒有找到關於它的信息，有什麼想法嗎？由於

Startup.cs代碼ConfigureServices：

public void ConfigureServices(IServiceCollection services) 
     { 

         // Add framework services. 
      services.AddApplicationInsightsTelemetry(Configuration); 

      // Registers MongoDB conventions for ignoring default and blank fields 
      // NOTE: if you have registered default conventions elsewhere, probably don't need to do this 
      //RegisterClassMap<ApplicationUser, IdentityRole, ObjectId>.Init(); 

      AutoMapperWebConfiguration.Configure(); 

      services.AddSingleton<ApplicationDbContext>(); 

      // Add Mongo Identity services to the services container. 
      services.AddIdentity<ApplicationUser, IdentityRole>(o => 
      { 
       // configure identity options 
       o.Password.RequireDigit = false; 
       o.Password.RequireLowercase = false; 
       o.Password.RequireUppercase = false; 
       o.Password.RequireNonLetterOrDigit = false; 
       o.Password.RequiredLength = 6; 
       o.User.RequireUniqueEmail = true; 
       o.Cookies.ApplicationCookie.CookieSecure = CookieSecureOption.SameAsRequest; 
       o.Cookies.ApplicationCookie.CookieName = "MyCookie"; 
      }) 
       .AddMongoStores<ApplicationDbContext, ApplicationUser, IdentityRole>() 
       .AddDefaultTokenProviders(); 

      services.AddSession(options => 
      { 
       options.IdleTimeout = TimeSpan.FromMinutes(60); 
       options.CookieName = "MyCookie"; 
      }); 

      services.Configure<AppSettings>(Configuration.GetSection("AppSettings")); 

      services.AddLocalization(options => options.ResourcesPath = "Resources"); 

      // Caching This will add the Redis implementation of IDistributedCache 
      services.AddRedisCache(); 

      services.Configure<RedisCacheOptions>(options => 
      { 
       options.Configuration = Configuration["RedisConnection"]; 
      }); 




      services.AddCaching(); 

      // Add MVC services to the services container. 
      services.AddMvc(options => 
      { 
       options.CacheProfiles.Add("OneDay", 
        new CacheProfile() 
        { 
         Duration = 86400, 
         Location = ResponseCacheLocation.Any 
        }); 

       options.CacheProfiles.Add("OneMinute", 
        new CacheProfile() 
        { 
         Duration = 60, 
         Location = ResponseCacheLocation.Any 
        }); 

      }) 
       .AddViewLocalization(options => options.ResourcesPath = "Resources") 
       .AddDataAnnotationsLocalization(); 



      services.Configure<AppOptions>(Configuration.GetSection("AppOptions")); 



     } 

Startup.cs代碼

// This method gets called by the runtime. Use this method to configure the HTTP request pipeline. 
     public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory) 
     { 
      // 
      loggerFactory.AddConsole(Configuration.GetSection("Logging")); 
      loggerFactory.AddDebug(); 

      app.UseApplicationInsightsRequestTelemetry(); 

      if (env.IsDevelopment()) 
      { 
       app.UseBrowserLink(); 
       app.UseDeveloperExceptionPage(); 
       app.UseDatabaseErrorPage(); 
      } 
      else 
      { 
       app.UseExceptionHandler("/Home/Error"); 

      } 

      app.UseSession(); 

      app.UseIISPlatformHandler(options => options.AuthenticationDescriptions.Clear()); 

      app.UseApplicationInsightsExceptionTelemetry(); 

      app.UseStaticFiles(); 

      app.UseIdentity(); 


      app.UseCookieAuthentication(options => 
      { 
       options.AutomaticAuthenticate = true; 
       options.LoginPath = new PathString("/Account/Login"); 
       options.AutomaticChallenge = true; 
      }); 

      var requestLocalizationOptions = new RequestLocalizationOptions 
      { 
       // Set options here to change middleware behavior 
       SupportedCultures = new List<CultureInfo> 
       { 
        new CultureInfo("en-US"), 
        new CultureInfo("es-ES") 
       }, 
       SupportedUICultures = new List<CultureInfo> 
       { 
        new CultureInfo("en-US"), 
        new CultureInfo("es-ES") 

       }, 
       RequestCultureProviders = new List<IRequestCultureProvider> 
       { 
        new CookieRequestCultureProvider 
        { 
         CookieName = "_cultureLocalization" 
        }, 
        new QueryStringRequestCultureProvider(), 
        new AcceptLanguageHeaderRequestCultureProvider 
        { 

        } 

       } 
      }; 

      app.UseRequestLocalization(requestLocalizationOptions, defaultRequestCulture: new RequestCulture("en-US")); 

      app.UseFacebookAuthentication(options => 
      { 
       options.AppId = "*****"; 
       options.AppSecret = "****"; 
      }); 

      app.UseGoogleAuthentication(options => 
      { 
       options.ClientId = "*****"; 
       options.ClientSecret = "***"; 
      }); 



      app.UseMvc(routes => 
      { 
       routes.MapRoute(
        name: "default", 
        template: "{controller=Home}/{action=Index}/{id?}"); 

       routes.MapRoute(
        name: "view", 
        template: "{customName}/{id}", 
        defaults: new { controller = "View", action = "Index" }); 

      }); 

     } 

Answer 1

會話沒有連接到認證，你試圖解決它在錯誤的辦法。

所有表單身份驗證票據和Cookie都使用數據保護層進行加密和簽名。您遇到的問題是由於加密密鑰未保存，應用程序彼此隔離。

爲了解決它，你必須共享這兩個加密密鑰並在代碼中設置一個應用程序名稱。誠實地說，我建議你不要。預生產不是一項實時服務，您不應該一次能夠同時進行身份驗證。

如果你覺得你必須這樣做，那麼你需要共享加密密鑰環，並設置一個固定的應用程序名稱。您可以通過共享文件夾共享密鑰，也可以將它們存儲在共享位置（如SQL或Azure存儲）中。爲了做到這一點，您必須通過實施IXmlRepository來編寫自己的鑰匙圈供應商。在共享密鑰後，您可以在數據保護配置期間通過使用SetApplicationName來設置固定的應用程序標識符。