CODEWITHSUNDEEP
jwtasp.net-identitytokenasp.net-core-6.0
frevluve
frevluve

Reputation: 31

asp.net identity doesnt work with jwt bearer token

I created a solution with one web app that has asp.net core 6 with identity individual accounts and one web API. I added jwt tokens for the API and everything worked as it should. Now I have been told do delete the API and just add controllers in the webapp instead. I copied all the jwt files to the web app and now the asp.net identity doesnt work as it should. I can log in but as soon as the page is redirected to the homepage it says Im not logged in.

This is what I added to the program.cs file and as soon as I delete it everything works as it should. builder.Services.AddJWTTokenServices(builder.Configuration);

This is my extensions

 public static class AddJWTTokenServiceExtension
    {
        public static void AddJWTTokenServices(this IServiceCollection Services, IConfiguration Configuration)
        {
            // Add Jwt Setings
            var bindJwtSettings = new JwtSettings();
            Configuration.Bind("JsonWebTokenKeys", bindJwtSettings);
            Services.AddSingleton(bindJwtSettings);
            Services.AddAuthentication(options => {
                options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
            }).AddJwtBearer(options => {
                options.RequireHttpsMetadata = false;
                options.SaveToken = true;
                options.TokenValidationParameters = new TokenValidationParameters()
                {
                    ValidateIssuerSigningKey = bindJwtSettings.ValidateIssuerSigningKey,
                    IssuerSigningKey = new SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes(bindJwtSettings.IssuerSigningKey)),
                    ValidateIssuer = bindJwtSettings.ValidateIssuer,
                    ValidIssuer = bindJwtSettings.ValidIssuer,
                    ValidateAudience = bindJwtSettings.ValidateAudience,
                    ValidAudience = bindJwtSettings.ValidAudience,
                    RequireExpirationTime = bindJwtSettings.RequireExpirationTime,
                    ValidateLifetime = bindJwtSettings.RequireExpirationTime,
                    ClockSkew = TimeSpan.FromDays(1),
                };
            });
        }

Upvotes: 3

Views: 2142

Answers (1)

Xinran Shen
Xinran Shen

Reputation: 9943

I can log in but as soon as the page is redirected to the homepage it says Im not logged in.

After you configure Jwt in the project, The default authentication method has become Jwt instead of identity individual accounts. Actually when you log in, you have loged in (you can check the cookie), But because the defualt authentication method is Jwt, SignInManager.IsSignedIn(User) can't get any information about User, So it will not show like Hello xxxx.

options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;

The above code shows jwt as the default authentication method, you just need to remove them.

Upvotes: 2

Related Questions