DispatchGlobal/Dispatch will 400 error when execute HttpContext.SignInAsync before.

[hanxiao123]

I just need update userinfo header when user logoin success,but when I execute HttpContext.SignInAsync and DispatchGlobal will 400 error ,In other cases DispatchGlobal is normal.
var claims = new List
{
new Claim(ClaimTypes.Name, "111"),
new Claim(ClaimTypes.Role, "User")
};

var claimsIdentity = new ClaimsIdentity(claims, AppConst.AuthenticationScheme);
await HttpContext.SignInAsync(AppConst.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity));

DispatchGlobal(new UserEvent());

DispatchGlobal will receive 400 error.

[kjeske]

Hi! Unfortunately I can't reproduce it. In the test project I called SignInAsync, then DispatchGlobal, and the response code was 200 OK. I would need some minimal source code package with this error to investigate further.

[hanxiao123]

the first time to click button,the event is 400 error:

but,the second time to click button is ok without doing anything:

[hanxiao123]

hydro-test-dispatch.zip
Above is the minimal source code package.

[hanxiao123]

DispatchGlobal is 200 OK, but the event is 400,if delete "Dispatch",it will be ok.like this

My intention was to refresh the header after sending the event to display the user information.

[kjeske]

The problem is with anti-forgery token. After signing in, it changes, but Hydro still has the previous one. Then we try to trigger an event with obsolete token. Usually when users refresh the page after login, this issues doesn't occur, because the tokens are retrieved again on page reload.

Hydro already has a mechanism to auto-refresh the token, but it happens when server returns first 400 status code. So it first fails and then it gets refreshed.

For now, a dirty workaround would be to call your event twice:

DispatchGlobal(new UserEvent()); // fail and refresh token
DispatchGlobal(new UserEvent()); // will work

I will address this issue, so this hack is not needed :)