aspire icon indicating copy to clipboard operation
aspire copied to clipboard
verified publisher icon dotnet

Use different cookie name for dashboard

Open jack775544 opened this issue 1 year ago • 0 comments

Introduction

Currently the aspire dashboard uses 2 cookies for authentication

  • .AspNetCore.Cookies
  • .AspNetCore.Antiforgery.<id>

These cookie names are the defaults for ASP.NET Core. This means that when making an ASP.NET application that uses cookie auth, there is a cookie name conflict with the dashboard since both will be running on localhost. This means that when logging into the hosted application, you are logged out of the dashboard and vice versa.

While this can be worked around by changing the cookie name from the application side, it is not a great experience to have the dashboard conflict with the out of the box cookie auth in ASP.NET core.

Proposal

Use a different cookie name for the dashboard so its login cookie doesn't conflict with other ASP.NET Core applications by default.

Notes

This may be related to some of the causes of #3899

jack775544 avatar May 23 '24 06:05 jack775544