[BUG] After explicit logout, hit on login, then it is automatically recognized instead of showing the login page #626

https://github.com/dotnet-architecture/eShopOnContainers/issues/626
2018-10-10 10:55:00 +02:00 · 2018-10-10 10:55:00 +02:00 · 641b732224
commit 641b732224
parent bb8dd63e69
1 changed files with 12 additions and 10 deletions
--- a/src/Services/Identity/Identity.API/Controllers/AccountController.cs
+++ b/src/Services/Identity/Identity.API/Controllers/AccountController.cs
@ -1,4 +1,9 @@
-using IdentityModel;
+using System;
+using System.Linq;
+using System.Security.Claims;
+using System.Text.Encodings.Web;
+using System.Threading.Tasks;
+using IdentityModel;
 using IdentityServer4;
 using IdentityServer4.Models;
 using IdentityServer4.Services;
@ -11,11 +16,6 @@ using Microsoft.eShopOnContainers.Services.Identity.API.Models;
 using Microsoft.eShopOnContainers.Services.Identity.API.Models.AccountViewModels;
 using Microsoft.eShopOnContainers.Services.Identity.API.Services;
 using Microsoft.Extensions.Logging;
-using System;
-using System.Linq;
-using System.Security.Claims;
-using System.Text.Encodings.Web;
-using System.Threading.Tasks;

 namespace Microsoft.eShopOnContainers.Services.Identity.API.Controllers
 {
@ -113,7 +113,7 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Controllers
            return View(vm);
        }

-        async Task<LoginViewModel> BuildLoginViewModelAsync(string returnUrl, AuthorizationRequest context)
+        private async Task<LoginViewModel> BuildLoginViewModelAsync(string returnUrl, AuthorizationRequest context)
        {
            var allowLocal = true;
            if (context?.ClientId != null)
@ -132,7 +132,7 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Controllers
            };
        }

-        async Task<LoginViewModel> BuildLoginViewModelAsync(LoginViewModel model)
+        private async Task<LoginViewModel> BuildLoginViewModelAsync(LoginViewModel model)
        {
            var context = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl);
            var vm = await BuildLoginViewModelAsync(model.ReturnUrl, context);
@ -209,6 +209,8 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Controllers
            // delete authentication cookie
            await HttpContext.SignOutAsync();

+            await HttpContext.SignOutAsync(IdentityConstants.ApplicationScheme);
+
            // set this so UI rendering sees an anonymous user
            HttpContext.User = new ClaimsPrincipal(new ClaimsIdentity());