使用Azure中的ASP.NET Core在Redis中保存用户会话
我正在使用redis缓存来保存项目中的一些东西。
我正在使用Azure(WebApp),当我在我的预生产环境到生产之间进行SWAP时,用户会话丢失了,他需要重新登录我的网页。
我正在使用Identity 3.0,使用UseCookieAuthentication。 我想在Redis中存储“会话”以便在我进行交换时解决我的问题。
我没有找到有关它的信息,有什么想法吗? 谢谢
Startup.cs代码配置服务:
public void ConfigureServices(IServiceCollection services) { // Add framework services. services.AddApplicationInsightsTelemetry(Configuration); // Registers MongoDB conventions for ignoring default and blank fields // NOTE: if you have registered default conventions elsewhere, probably don't need to do this //RegisterClassMap.Init(); AutoMapperWebConfiguration.Configure(); services.AddSingleton(); // Add Mongo Identity services to the services container. services.AddIdentity(o => { // configure identity options o.Password.RequireDigit = false; o.Password.RequireLowercase = false; o.Password.RequireUppercase = false; o.Password.RequireNonLetterOrDigit = false; o.Password.RequiredLength = 6; o.User.RequireUniqueEmail = true; o.Cookies.ApplicationCookie.CookieSecure = CookieSecureOption.SameAsRequest; o.Cookies.ApplicationCookie.CookieName = "MyCookie"; }) .AddMongoStores() .AddDefaultTokenProviders(); services.AddSession(options => { options.IdleTimeout = TimeSpan.FromMinutes(60); options.CookieName = "MyCookie"; }); services.Configure(Configuration.GetSection("AppSettings")); services.AddLocalization(options => options.ResourcesPath = "Resources"); // Caching This will add the Redis implementation of IDistributedCache services.AddRedisCache(); services.Configure(options => { options.Configuration = Configuration["RedisConnection"]; }); services.AddCaching(); // Add MVC services to the services container. services.AddMvc(options => { options.CacheProfiles.Add("OneDay", new CacheProfile() { Duration = 86400, Location = ResponseCacheLocation.Any }); options.CacheProfiles.Add("OneMinute", new CacheProfile() { Duration = 60, Location = ResponseCacheLocation.Any }); }) .AddViewLocalization(options => options.ResourcesPath = "Resources") .AddDataAnnotationsLocalization(); services.Configure(Configuration.GetSection("AppOptions")); } Startup.cs代码
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline. public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory) { // loggerFactory.AddConsole(Configuration.GetSection("Logging")); loggerFactory.AddDebug(); app.UseApplicationInsightsRequestTelemetry(); if (env.IsDevelopment()) { app.UseBrowserLink(); app.UseDeveloperExceptionPage(); app.UseDatabaseErrorPage(); } else { app.UseExceptionHandler("/Home/Error"); } app.UseSession(); app.UseIISPlatformHandler(options => options.AuthenticationDescriptions.Clear()); app.UseApplicationInsightsExceptionTelemetry(); app.UseStaticFiles(); app.UseIdentity(); app.UseCookieAuthentication(options => { options.AutomaticAuthenticate = true; options.LoginPath = new PathString("/Account/Login"); options.AutomaticChallenge = true; }); var requestLocalizationOptions = new RequestLocalizationOptions { // Set options here to change middleware behavior SupportedCultures = new List { new CultureInfo("en-US"), new CultureInfo("es-ES") }, SupportedUICultures = new List { new CultureInfo("en-US"), new CultureInfo("es-ES") }, RequestCultureProviders = new List { new CookieRequestCultureProvider { CookieName = "_cultureLocalization" }, new QueryStringRequestCultureProvider(), new AcceptLanguageHeaderRequestCultureProvider { } } }; app.UseRequestLocalization(requestLocalizationOptions, defaultRequestCulture: new RequestCulture("en-US")); app.UseFacebookAuthentication(options => { options.AppId = "*****"; options.AppSecret = "****"; }); app.UseGoogleAuthentication(options => { options.ClientId = "*****"; options.ClientSecret = "***"; }); app.UseMvc(routes => { routes.MapRoute( name: "default", template: "{controller=Home}/{action=Index}/{id?}"); routes.MapRoute( name: "view", template: "{customName}/{id}", defaults: new { controller = "View", action = "Index" }); }); }
会话未与身份validation相关联,您试图以错误的方式解决它。
所有表单身份validation票证和cookie都使用数据保护层进行加密和签名。 您遇到的问题是由于未保存加密密钥,以及应用程序彼此隔离。
为了解决这个问题,您必须共享加密密钥并在代码中设置应用程序名称。 说实话,我建议你不要。 预生产不是实时服务,您不应该同时对两者进行身份validation。
如果您觉得必须这样做,那么您需要共享加密密钥环,并设置固定的应用程序名称。 您可以通过共享文件夹共享密钥,也可以将密钥存储在共享位置(如SQL或Azure存储)中。 为此,您必须通过实现IXmlRepository来编写自己的密钥环提供程序。 共享密钥后,可以在数据保护配置期间使用SetApplicationName设置固定的应用程序标识符。