我使用Owin通过Google oAuth进行授权.以下是我的cookie配置方式:
// Enable the application to use a cookie to store information for the signed in user
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Authentication/Login")
});
// Use a cookie to temporarily store information about a user logging in with a third party login provider
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
所以我正在使用UseCookieAuthentication和UseExternalSignInCookie,这似乎是多余的.我应该为IAuthenticationManager方法(SignIn,SingOUt等)指定这两种AuthenticationType中的哪一种?或者我应该只保留其中一个?
更新.让我最困惑的是SignIn方法:
private async Task SignInAsync(ApplicationUser user, bool isPersistent)
{
AuthenticationManager.SignOut(DefaultAuthenticationTypes.ExternalCookie);
var identity = await UserManager.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie);
AuthenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = isPersistent }, identity);
}
所以来自ExternalCookie的注销,但在ApplicationCookie中有迹象.