ASP.NET Identity 3.0 authentication cookie not getting created

Question

I am attempting to add ASP.NET Identity 3.0 single user authentication to the "ASP.NET Core Application Angular template" within Visual Studio 2017. I have created a GitHub repository here:

https://github.com/DapperDanH/NutmegStackoverflow

There really is not much to this project yet. From a high level, this is what i did:

1. Created a new "ASP.NET Core Web Application" with .NET Core and ASP.NET Core 2.0 and chose the Angular template within Visual Studio.
2. I added ASP.Identity, EF Core and scaffold code first files from an existing database.
3. I copied and pasted many of the Controllers and Views from the "ASP.NET Core Web Application" with the Web Application template using "Individual User Account" sample project.
4. I modified the Startup.cs (added service.AddIdentity and app.UseAuthentication(), etc)

My goal is to use standard ASP.NET MVC for the authentication portions.

Everything appears to work. The web application launches and shows the home page. I created links to "Register" and "Login" pages. I can successfully register a new user and the new user is added to the database. The user can enter their information in the Login page, and the AccountController.Login method returns success to the PasswordSignInAsync method:

                var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, lockoutOnFailure: false);

The issue is, no auth cookie is created. Well, about 99% of the time a cookie is NOT created but every now and then one is created.

My gut says the issue may be in the Startup.cs. Here is the code I am using:

// This method gets called by the runtime. Use this method to add services to the container.
    public void ConfigureServices(IServiceCollection services)
    {
        services.AddDbContext<NutmegContext>(options =>
            options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));

        services.AddIdentity<User, AppRole>()
            .AddEntityFrameworkStores<NutmegContext>()
            .AddDefaultTokenProviders();
        // Add application services.
        services.AddTransient<IEmailSender, EmailSender>();

        services.AddMvc();
    }

    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
    public void Configure(IApplicationBuilder app, IHostingEnvironment env)
    {
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
            app.UseWebpackDevMiddleware(new WebpackDevMiddlewareOptions
            {
                HotModuleReplacement = true
            });
            app.UseDatabaseErrorPage();
        }
        else
        {
            app.UseExceptionHandler("/Home/Error");
        }

        app.UseStaticFiles();
        app.UseAuthentication();

        app.UseMvc(routes =>
        {
            routes.MapRoute(
                name: "default",
                template: "{controller=Home}/{action=Index}/{id?}");

            routes.MapSpaFallbackRoute(
                name: "spa-fallback",
                defaults: new { controller = "Home", action = "Index" });
        });
    }

I really hope someone can help me. To see this in action:

1. Download the project here: https://github.com/DapperDanH/NutmegStackoverflow
2. Run Update-Database in the Package Manager Console making sure the Default Project is Nutmeg.Data.
3. Run the application making sure the Nutmeg.Web is the startup project.
4. Click on Register button and register a new user. Check the db and notice the user is added.
5. Click on Login. Enter same information used in step 4. Did a cookie get created?

Hoping someone can help me out. Thanks for reading this long post!

Thanks, Dan

Answer 1

I was able to get the application to consistently create the auth cookie but switching my web project to HTTPS. I have no clue why that would matter, but it seems to fix it. anyone able to explain?