Vandan
Cookies and JWT for Authentication
I'm working on a project and need help identifying an authentication issue I'm facing. My project uses ASP.NET Core 9 for the backend and React for the frontend. I recently converted JWT authentication to use cookies, but now authentication is not working. The claims properties are missing, and the user is not getting authenticated. If anyone has experience with this, please help.
I Update the ProgramFile as well
builder.Services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddCookie(options =>
{
options.Cookie.Name = ".AspNetCore.Cookies"; // Ensure this matches the actual cookie name
options.Cookie.HttpOnly = true;
options.Cookie.SecurePolicy = CookieSecurePolicy.Always; // Set to None if testing locally without HTTPS
options.Cookie.SameSite = SameSiteMode.Strict;
options.Cookie.IsEssential = true;
options.LoginPath = "/auth/login"; // Adjust as needed
options.LogoutPath = "/auth/logout";
})
.AddJwtBearer(options =>
{
options.RequireHttpsMetadata = false;
options.SaveToken = true;
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("qwertyQWERTY12345ASDFzxcv67890mnbLKj0i")), // Ensure this matches JWT secret
ValidateIssuer = false,
ValidateAudience = false,
ValidateLifetime = true,
ClockSkew = TimeSpan.Zero
};
})6 replies