Fix with Cookies configuration from appsetting.json

Workaround to avoid 'Null effective policy causing exception' (on logout) aspnet/Mvc#7809
VirtoCommerce · Jun 8, 2018 · e163db9 · e163db9
1 parent 6e5b2bd
commit e163db9
Showing 1 changed file with 12 additions and 1 deletion.
diff --git a/VirtoCommerce.Storefront/Startup.cs b/VirtoCommerce.Storefront/Startup.cs
@@ -199,7 +199,7 @@ public void ConfigureServices(IServiceCollection services)
             //and it can lead to platform access denied for them. (TODO: Need to remove after platform migration to .NET Core)
             services.Configure<PasswordHasherOptions>(option => option.CompatibilityMode = PasswordHasherCompatibilityMode.IdentityV2);
             services.Configure<IdentityOptions>(Configuration.GetSection("IdentityOptions"));
-            services.Configure<CookieAuthenticationOptions>(Configuration.GetSection("CookieAuthenticationOptions"));
+            services.Configure<CookieAuthenticationOptions>(IdentityConstants.ApplicationScheme, Configuration.GetSection("CookieAuthenticationOptions"));
             services.AddIdentity<User, Role>(options => { }).AddDefaultTokenProviders();
 
             services.Configure<CookiePolicyOptions>(options =>
@@ -208,6 +208,12 @@ public void ConfigureServices(IServiceCollection services)
                 options.CheckConsentNeeded = context => true;
                 options.MinimumSameSitePolicy = SameSiteMode.None;
             });
+            // The Tempdata provider cookie is not essential. Make it essential
+            // so Tempdata is functional when tracking is disabled.
+            services.Configure<CookieTempDataProviderOptions>(options =>
+            {
+                options.Cookie.IsEssential = true;
+            });
 
             //Add Liquid view engine
             services.AddLiquidViewEngine(options =>
@@ -218,6 +224,11 @@ public void ConfigureServices(IServiceCollection services)
             var snapshotProvider = services.BuildServiceProvider();
             services.AddMvc(options =>
             {
+                //Workaround to avoid 'Null effective policy causing exception' (on logout)
+                //https://github.com/aspnet/Mvc/issues/7809
+                //TODO: Try to remove in ASP.NET Core 2.2
+                options.AllowCombiningAuthorizeFilters = false;
+
                 options.CacheProfiles.Add("Default", new CacheProfile()
                 {
                     Duration = (int)TimeSpan.FromHours(1).TotalSeconds,