
I have .NET Core 1.1 code that works for authentication. I have two cookies, one for the user and one for the admin, so that the admin can impersonate the user.

  // ASP.NET Core 1.1 setup: one cookie middleware per scheme, the user cookie first and the admin cookie second.
  // Per the question, this is the configuration in which both cookies worked.
  app.UseCookieAuthentication(new CookieAuthenticationOptions()
        {
            AuthenticationScheme = config.Value.AppCookie,
            // Login and access-denied both send the browser to the same /Login/ page.
            LoginPath = new PathString("/Login/"),
            AccessDeniedPath = new PathString("/Login/"),
            AutomaticAuthenticate = true,
            // NOTE(review): SameAsRequest marks the cookie Secure only when the request that issued it was HTTPS;
            // if the site is reachable over plain HTTP the auth cookie can travel unencrypted.
            // CookieSecurePolicy.Always is the stricter choice - confirm HTTPS is enforced everywhere.
            CookieSecure = CookieSecurePolicy.SameAsRequest,
            //ExpireTimeSpan = TimeSpan.FromHours(1),
            AutomaticChallenge = true
        });

        // Admin (impersonation) cookie: same options as above, only the scheme name differs.
        app.UseCookieAuthentication(new CookieAuthenticationOptions()
        {
            AuthenticationScheme = config.Value.AdminCookie,
            LoginPath = new PathString("/Login/"),
            AccessDeniedPath = new PathString("/Login/"),
            AutomaticAuthenticate = true,
            // NOTE(review): the same SameAsRequest caveat applies, and matters more for the admin cookie
            // because it carries the higher privilege.
            CookieSecure = CookieSecurePolicy.SameAsRequest,
            //ExpireTimeSpan = TimeSpan.FromHours(1),
            AutomaticChallenge = true
        });

The same setup in Core 2.1:

 // ASP.NET Core 2.1 setup: registers the user cookie scheme and names it as the default
 // authenticate/challenge scheme.
 services.AddAuthentication(options =>
        {
            options.DefaultScheme = _config.AppCookie;
            options.DefaultChallengeScheme = _config.AppCookie;
        }).AddCookie(_config.AppCookie, options =>
        {
            options.LoginPath = "/Login/";
            options.AccessDeniedPath = "/Login/";
        });


        // NOTE(review): this second AddAuthentication call assigns DefaultScheme and DefaultChallengeScheme
        // again, so the AppCookie defaults set above are replaced by AdminCookie. That matches the symptom
        // described in the question: only the scheme configured last shows up in User.Claims.
        // Presumably the intent is a single AddAuthentication(...) with both AddCookie(...) calls chained,
        // reading the non-default cookie explicitly (e.g. HttpContext.AuthenticateAsync(scheme)) where the
        // second identity is needed - verify against the linked answer.
        services.AddAuthentication(options =>
        {
            options.DefaultScheme = _config.AdminCookie;
            options.DefaultChallengeScheme = _config.AdminCookie;
        }).AddCookie(_config.AdminCookie, options =>
        {
           // NOTE(review): no cookie security policy is set for either scheme in this version;
           // confirm the admin cookie is only ever issued over HTTPS.
           options.LoginPath = "/Login/";
           options.AccessDeniedPath = "/Login/";
        });

If I take a look at User.Claims, there is only one claim object, in this case the AdminCookie one. If I swap the AddAuthentication calls so that AppCookie comes after AdminCookie, then only the AppCookie one is in User.Claims. I need to use both; how can I change my code?

Sign-in code for User

        // Builds the user principal and issues the user cookie.
        // `cl` is not declared in this excerpt; it is presumably created just before - verify against the full method.
        List<Claim> userClaims = new List<Claim>();
        userClaims.Add(cl);

        ClaimsPrincipal principal = new ClaimsPrincipal(new ClaimsIdentity(userClaims, _config.AuthType));
        // Signs in explicitly under the AppCookie scheme, so this does not depend on which scheme is the default.
        await HttpContext.SignInAsync(_config.AppCookie, principal, new AuthenticationProperties
        {
            // Persistent cookie with an absolute expiry 120 minutes after sign-in.
            IsPersistent = true,
            ExpiresUtc = DateTime.UtcNow.AddMinutes(120)
        });

Sign-in code for Admin

 // Builds the admin principal and issues the admin cookie.
 // NOTE(review): the three-string Claim constructor is (type, value, valueType), so appcon.User.ToString()
 // becomes the claim's ValueType, not an issuer or a subject id - confirm that is what is intended.
 Claim cl = new Claim(ClaimTypes.Role, "Admin", appcon.User.ToString());
        // `userClaims` is not declared in this excerpt; presumably a fresh list as in the user sign-in - verify.
        userClaims.Add(cl);

        ClaimsPrincipal principal = new ClaimsPrincipal(new ClaimsIdentity(userClaims, _config.AdminAuthType));
        // Signs in explicitly under the AdminCookie scheme.
        await HttpContext.SignInAsync(_config.AdminCookie, principal, new AuthenticationProperties
        {
            // NOTE(review): a persistent admin cookie valid for one year stays usable for that long if it is
            // ever copied off the machine. A much shorter lifetime, or server-side validation of the ticket,
            // limits that window - confirm the one-year requirement.
            IsPersistent = true,
            ExpiresUtc = DateTime.UtcNow.AddYears(1)
        });
Benzhi Pan
  • I found answer here https://stackoverflow.com/questions/45695382/how-do-i-setup-multiple-auth-schemes-in-asp-net-core-2-0 – Benzhi Pan Oct 31 '18 at 13:31

0 Answers0