I am creating two web applications using ASP.NET Core 3.1. I need to load the first application in an iframe inside the second application. When I do, it resets the login identity, and when I click any other link in my website it redirects to the login page. How can I avoid this?
Below is the jQuery code I use to load the iframe.
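// Wires the #previewBot button: on click, (re)builds the preview iframe inside
// #showpreview, pointing it at the chat application with the current client,
// site and session values as query parameters.
$(function () {
    $('#previewBot').on('click', function () {
        // .text() yields the raw value; .html() would return entity-encoded
        // markup (e.g. "&amp;"), which corrupts the value once placed in a URL.
        var client = $("#client_id_Broker").text();
        var secret = $("#session_secret").text();
        var siteid = $("#site_id_Broker").text();
        var site = window.location.hostname;
        // Small random suffix used as a cache-buster (not a security value).
        var number = 1 + Math.floor(Math.random() * 6);

        // Every value is percent-encoded so that characters such as & = ' " < >
        // cannot add extra query parameters or break out of the URL.
        // NOTE(review): the session secret still travels in the query string, so
        // it ends up in server access logs and browser history;
        // referrerpolicy="no-referrer" only keeps it out of the Referer header.
        // Prefer a short-lived one-time token, or hand the value to the frame
        // out of band instead of in the URL.
        var URIChat = "https://localhost:44355/?client=" + encodeURIComponent(client)
            + "&siteid=" + encodeURIComponent(siteid)
            + "&secret=" + encodeURIComponent(secret)
            + "&site=" + encodeURIComponent(site)
            + "&r=" + number;

        // Build the element through the DOM API instead of concatenating an HTML
        // string, so the URL can never be parsed as markup. The original rel= and
        // async= attributes are dropped: they are not iframe attributes.
        var frame = $("<iframe>").attr({
            src: URIChat,
            id: "iView",
            frameborder: "1",
            "class": "frame-container",
            referrerpolicy: "no-referrer"
        });

        // Clear any previous preview before inserting the new frame.
        $("#showpreview").empty();
        $("#iView").remove();
        $("#showpreview").append(frame);
    });
});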
Below is my startup config. Is there anything wrong in it, or what should be added to avoid being redirected to the login page after loading the iframe?
// Registers the application's services: the EF Core context, ASP.NET Core Identity,
// the authentication cookie lifetime, MVC with a global authorization filter,
// notifications, AutoMapper, SignalR, e-mail sending, the sites repository and CORS.
public void ConfigureServices(IServiceCollection services)
{
// EF Core context on SQL Server; the connection string is read from configuration
// under the name "SqlConStringLocal".
services.AddDbContext<ApplicationDbContext>(options =>
options.UseSqlServer(Configuration.GetConnectionString("SqlConStringLocal")));
// Identity with the default UI, persisted through ApplicationDbContext.
services.AddDefaultIdentity<ApplicationUser>(options =>
{
// Sign-in is refused until the account has been confirmed.
options.SignIn.RequireConfirmedAccount = true;
// NOTE(review): as written this set has no u-z, no upper-case letters, no '0',
// no '@' and no '.'; user names containing any of those fail validation.
// Confirm the list is intentional (it may be a redacted placeholder).
options.User.AllowedUserNameCharacters = "abcdefghijklmnopqrstffgsfsdfsfsfff123456789-_";
options.User.RequireUniqueEmail = true;
}).AddEntityFrameworkStores<ApplicationDbContext>();
// Authentication cookie lifetime: 5 days, renewed on activity (sliding).
// Cookie.Name and Cookie.SameSite are not set here, so the Identity defaults apply.
// NOTE(review): cookies are scoped by host, not by port, so two Identity apps on
// "localhost" that both keep the default cookie name share one cookie slot and can
// overwrite each other's login - a likely cause of the "login is reset" symptom.
services.ConfigureApplicationCookie(o => {
o.ExpireTimeSpan = TimeSpan.FromDays(5);
o.SlidingExpiration = true;
});
services.AddMvc(o =>
{
// Require an authenticated user on every MVC action by default (global filter);
// anonymous endpoints must opt out explicitly.
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
o.Filters.Add(new AuthorizeFilter(policy));
// Toast notifications (third-party NToastNotify extension) chained onto the MVC builder.
}).AddNToastNotifyNoty(new NotyOptions
{
Layout = "bottomRight",
ProgressBar = true,
Timeout = 5000,
Theme = "metroui"
});
// Tokens issued by the data-protection token provider expire after 3 hours.
services.Configure<DataProtectionTokenProviderOptions>(o =>
o.TokenLifespan = TimeSpan.FromHours(3));
services.AddAutoMapper(typeof(Startup));
// NOTE(review): AddMvc above is followed by AddRazorPages, AddControllers and
// AddControllersWithViews below; the registrations overlap - presumably harmless,
// but worth consolidating.
services.AddRazorPages();
services.AddControllers();
services.AddSignalR();
services.AddTransient<IEmailSender, EmailSender>();
// Binds AuthMessageSenderOptions from the root of the configuration.
services.Configure<AuthMessageSenderOptions>(Configuration);
//services.AddSingleton<IRepository, Repository>();
services.AddScoped<ISitesRepository, SitesRepository>();
// Registers the CORS services only; the policy itself is supplied in Configure().
services.AddCors();
// JSON via Newtonsoft.Json plus XML DataContract input/output formatters.
services.AddControllersWithViews()
.AddNewtonsoftJson()
.AddXmlDataContractSerializerFormatters();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
// Builds the middleware pipeline. Middleware runs in the order it is added here,
// so the order of the calls below is part of the behaviour.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
// Detailed exception and database error pages are exposed in Development only;
// other environments get the generic /Error handler and HSTS.
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseDatabaseErrorPage();
}
else
{
app.UseExceptionHandler("/Error");
app.UseHsts();
}
// NOTE(review): this CORS policy accepts any origin, method and header for every
// request that reaches this middleware. If only the embedding application needs
// cross-origin access, restrict it to that origin with WithOrigins(...).
// NOTE(review): UseCors is added before UseRouting here; the documented placement
// with endpoint routing is after UseRouting and before UseAuthorization - confirm
// this ordering is intended.
app.UseCors(builder =>
{
builder
.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader();
});
app.UseHttpsRedirection();
// Static files are served before authentication runs, so they are not covered by
// the global authorization filter.
app.UseStaticFiles();
app.UseNToastNotify();
app.UseRouting();
// NOTE(review): there is no app.UseCookiePolicy() call in this pipeline, so any
// CookiePolicyOptions registered in ConfigureServices would not be applied.
// Authentication must run before authorization so the user is known when
// policies are evaluated.
app.UseAuthentication();
app.UseAuthorization();
// Conventional MVC route: {controller=Home}/{action=Index}/{id?}.
app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
});
// Second UseEndpoints call: Razor Pages, attribute-routed controllers and the
// SignalR hub at /chatAdminHub. NOTE(review): could be merged into the call above.
app.UseEndpoints(endpoints =>
{
endpoints.MapRazorPages();
endpoints.MapControllers();
endpoints.MapHub<ChatAdminHub>("/chatAdminHub");
});
}
I was able to solve the issue by adding the CookiePolicyOptions and application cookie settings below.
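// Cookie policy settings (these statements belong inside ConfigureServices).
// These options are applied by the cookie policy middleware only: the Configure
// method shown in the question has no app.UseCookiePolicy() call, so confirm it is
// added (before UseAuthentication), otherwise this block has no effect.
services.Configure<CookiePolicyOptions>(options =>
{
    // Non-essential cookies are withheld until the user consents.
    options.CheckConsentNeeded = context => true;
    // Do not raise SameSite above what each cookie asks for.
    options.MinimumSameSitePolicy = SameSiteMode.None;
    // CheckSameSite is a helper that is not shown on this page; presumably it
    // adjusts SameSite for browsers that mishandle SameSite=None - verify against
    // its definition.
    options.OnAppendCookie = cookieContext =>
        CheckSameSite(cookieContext.Context, cookieContext.CookieOptions);
    options.OnDeleteCookie = cookieContext =>
        CheckSameSite(cookieContext.Context, cookieContext.CookieOptions);
});

services.ConfigureApplicationCookie(options =>
{
    // A distinct name keeps this app's login cookie apart from the other app's.
    // Cookies are scoped by host, not by port, so two Identity apps on "localhost"
    // with the default cookie name would overwrite each other's login.
    options.Cookie.Name = "myappcookieName";

    // SameSite=None lets the browser send the login cookie when this app is loaded
    // in a cross-site iframe. It also removes SameSite as a CSRF defence: keep
    // antiforgery validation on every state-changing endpoint, and limit which
    // origins may frame the app (Content-Security-Policy frame-ancestors).
    options.Cookie.SameSite = SameSiteMode.None;

    // Browsers reject SameSite=None cookies that are not marked Secure, so require
    // Secure explicitly instead of relying on the request scheme.
    options.Cookie.SecurePolicy = CookieSecurePolicy.Always;
});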