fix: 修复authserver服务登录成功但是没有保持登录问题

2025-10-25 22:24:18 +08:00
parent f0d1e719ac
commit c5e9ab2e5a
1 changed files with 41 additions and 0 deletions
--- a/applications/KonSoft.AuthServer/KonSoftAuthServerModule.cs
+++ b/applications/KonSoft.AuthServer/KonSoftAuthServerModule.cs
@ -5,12 +5,15 @@ using KonSoft.Shared.Hosting.Microservices;
 using KonSoft.Shared.Localization.Localization;
 using Localization.Resources.AbpUi;
 using Microsoft.AspNetCore.Builder;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.HttpOverrides;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Hosting;
 using Volo.Abp;
 using Volo.Abp.Account;
 using Volo.Abp.Account.Localization;
 using Volo.Abp.Account.Web;
+using Volo.Abp.AspNetCore.Mvc.AntiForgery;
 using Volo.Abp.AspNetCore.Mvc.UI.Bundling;
 using Volo.Abp.AspNetCore.Mvc.UI.Theme.Basic;
 using Volo.Abp.AspNetCore.Mvc.UI.Theme.Basic.Bundling;
@ -52,6 +55,12 @@ public class KonSoftAuthServerModule : AbpModule

        if (!hostingEnvironment.IsDevelopment())
        {
+            PreConfigure<AbpAntiForgeryOptions>(options =>
+            {
+                options.TokenCookie.SecurePolicy = CookieSecurePolicy.Always;
+                options.TokenCookie.SameSite = SameSiteMode.Lax;
+            });
+
            PreConfigure<AbpOpenIddictAspNetCoreOptions>(options =>
            {
                options.AddDevelopmentEncryptionAndSigningCertificate = false;
@ -100,6 +109,37 @@ public class KonSoftAuthServerModule : AbpModule
        {
            options.IsDynamicClaimsEnabled = true;
        });
+
+        // <20><><EFBFBD><EFBFBD>ת<EFBFBD><D7AA>ͷ
+        context.Services.Configure<ForwardedHeadersOptions>(options =>
+        {
+            options.ForwardedHeaders = ForwardedHeaders.All;
+            options.KnownNetworks.Clear();
+            options.KnownProxies.Clear();
+        });
+
+        // <20><><EFBFBD><EFBFBD>Cookie<69><65><EFBFBD><EFBFBD>
+        context.Services.Configure<CookiePolicyOptions>(options =>
+        {
+            options.CheckConsentNeeded = context => false;
+            options.MinimumSameSitePolicy = SameSiteMode.Lax;
+            options.Secure = CookieSecurePolicy.Always;
+        });
+
+        // <20><><EFBFBD><EFBFBD>Ӧ<EFBFBD><D3A6>Cookie
+        context.Services.ConfigureApplicationCookie(options =>
+        {
+            options.Cookie.SecurePolicy = CookieSecurePolicy.Always;
+            options.Cookie.SameSite = SameSiteMode.Lax;
+            options.Cookie.HttpOnly = true;
+        });
+
+        // <20><><EFBFBD><EFBFBD><EFBFBD>ⲿ<EFBFBD><E2B2BF>֤Cookie
+        context.Services.ConfigureExternalCookie(options =>
+        {
+            options.Cookie.SecurePolicy = CookieSecurePolicy.Always;
+            options.Cookie.SameSite = SameSiteMode.Lax;
+        });
    }

    public override void OnApplicationInitialization(ApplicationInitializationContext context)
@ -112,6 +152,7 @@ public class KonSoftAuthServerModule : AbpModule
            app.UseDeveloperExceptionPage();
        }

+        app.UseForwardedHeaders();
        app.UseAbpRequestLocalization();

        if (!env.IsDevelopment())