AntiForgeryToken Expiration Blank Page

后端 未结 3 1539
情书的邮戳
情书的邮戳 2021-02-20 03:17

I\'m using IdentityServer4 with ASP.NET Core 2.2. On the Post Login method I have applied the ValidateAntiForgeryToken. Generally after 20 minutes to 2 hours of sitting on the l

3条回答
  •  [愿得一人]
    2021-02-20 03:46

    This was my final solution. I added a attribute using the IAntifogery dependency injection.

    public class CustomValidationAttribute : ActionFilterAttribute
    {
        private IAntiforgery _antiForgery { get; }
    
        public CustomValidationAttribute(IAntiforgery antiforgery)
        {
            _antiForgery = antiforgery;
        }
    
        public override async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
        {
            var isRequestValid = await this._antiForgery.IsRequestValidAsync(context.HttpContext);
            if (!isRequestValid)
            {
                //Add Code here if token is not valid
    
                return;         
            }
    
            await next();
        }
    }
    

    Add the attribute to your controller methods that also use [HttpPost]

    [TypeFilter(typeof(CustomValidationAttribute))]
    

提交回复
热议问题