The problem is that I used ASP.NET Core Identity to store user data, But when I logged in, it doesn't give any cookies or sessions to me. It just tells me that I've logged in successfully but next time I want to access the web page contains [Authorize] attribute, I just can't. It redirects me to the sign in page.
if (ModelState.IsValid)
{
var user = await _userManager.FindByEmailAsync(model.Email);
if (user != null)
{
var result = await _signInManager.PasswordSignInAsync(user, model.Password, true, false);
if (result.Succeeded)
{
if (ReturnUrl != null)
{
return Redirect(ReturnUrl);
}
if (!string.IsNullOrEmpty(model.AppId))
{
return RedirectToAction(nameof(Authorize), new AuthorizeModel { AppId = model.AppId, RedirectUri = model.RedirectUri, State = model.State });
}
else
{
return Ok("You have successfully logged in");
}
...... More code
Startup.cs
services.AddDbContext<PassportDbContext>(options =>
{
options.UseSqlite(Configuration.GetConnectionString("DbConnection"));
});
services.AddIdentity<OAUser, IdentityRole>()
.AddEntityFrameworkStores<PassportDbContext>()
.AddDefaultTokenProviders();
-----------------------------------------------------
app.UseHttpsRedirection();
app.UseStaticFiles();
// app.UseCookiePolicy();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
Image: The cookies after I sign in
That means the application doesn't give me any credentials that I'm signed in.
.Net core 2.1 or higher on is built-in supports GDPR (General Data Protection Regulation).
and until you accept the cookie, cookie does not set in the browser.
add this following code to ignore GDPR
services.Configure<CookiePolicyOptions>(options =>
{
options.ConsentCookie.IsEssential = true;
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => false;
options.MinimumSameSitePolicy = SameSiteMode.None;
});
app.UseCookiePolicy();