如何设置asp.net标识cookie到期时间
Iva*_*.Yu 25 c# asp.net cookies asp.net-identity
我使用Asp.Net Identity来控制我的应用程序的授权.现在,我需要这样做:如果用户在30分钟内没有运行,请跳转到登录页面,当他登录时不选择"isPersistent"复选框.并且,如果他选择"isPersistent"复选框,请将Cookie的到期日期设置为14天.我尝试通过像这样更改Startup.Auth.cs来做到这一点:
public void ConfigureAuth(IAppBuilder app)
{
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
SlidingExpiration = true,
CookieName = WebHelpers.ConstStrings.AUTHCOOKIESNAME
});
}
和SignIn代码如下:
private async Task SignInAsync(User user, bool isPersistent)
{
AuthenticationManager.SignOut(DefaultAuthenticationTypes.ExternalCookie);
var identity = await UserManager.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie);
if (isPersistent)
{
AuthenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = isPersistent }, identity);
}
else
{
AuthenticationManager.SignIn(new AuthenticationProperties() { ExpiresUtc = new DateTimeOffset(DateTime.UtcNow.AddMinutes(30)) }, identity);
}
}
但是我发现当用户没有选择isPersistent复选框时,cookies的到期日期已经是"会话",而不是当前时间加上30分钟.
使用像之后的代码时的cookie状态,所以'记住我'复选框无法正常工作.:(.
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
ExpireTimeSpan = TimeSpan.FromMinutes(30),
SlidingExpiration = true,
CookieName = WebHelpers.ConstStrings.AUTHCOOKIESNAME
});
tmg*_*tmg 39
如果IsPersistentproperty of AuthenticationProperties设置为false,则cookie过期时间设置为Session.
如果复选框 "记住我"被选中,然后AuthenticationManager.SignIn(new AuthenticationProperties{ IsPersistent = true }, userIdentity);将创建到期时间等于一个cookie ExpireTimeSpan,你在设置Startup.cs(默认为14天).
如果复选框 "记住我"是没有选中,那么你必须使用 AuthenticationManager.SignIn(new AuthenticationProperties{ IsPersistent = true, ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(30)}, userIdentity);.再次IsPersistent设置为true但现在我们给ExpiresUtc一个值,所以它不使用CookieAuthenticationOptionsfrom Startup.cs.
public override async Task SignInAsync(ApplicationUser user, bool isPersistent, bool rememberBrowser)
{
var userIdentity = await CreateUserIdentityAsync(user).WithCurrentCulture();
// Clear any partial cookies from external or two factor partial sign ins
AuthenticationManager.SignOut(DefaultAuthenticationTypes.ExternalCookie, DefaultAuthenticationTypes.TwoFactorCookie);
if (rememberBrowser)
{
var rememberBrowserIdentity = AuthenticationManager.CreateTwoFactorRememberBrowserIdentity(ConvertIdToString(user.Id));
AuthenticationManager.SignIn(new AuthenticationProperties { IsPersistent = isPersistent }, userIdentity, rememberBrowserIdentity);
}
else
{
//AuthenticationManager.SignIn(new AuthenticationProperties { IsPersistent = isPersistent }, userIdentity);
if (isPersistent)
{
AuthenticationManager.SignIn(new AuthenticationProperties { IsPersistent = true }, userIdentity);
}
else
{
AuthenticationManager.SignIn(new AuthenticationProperties { IsPersistent = true, ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(30) }, userIdentity);
}
}
}
- 这是哪个版本的 ASP.NET Identity?我在默认的 ASP.NET MVC 5 模板上使用 2.2.2 并登录我有以下行 `var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, isPersistent: false, shouldLockout: false); ` 并且没有 `ExpiresUtc` 或任何其他方式来设置它。 (3认同)
小智 8
用这个...
public void ConfigureAuth(IAppBuilder app)
{
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
ExpireTimeSpan = TimeSpan.FromHours(1),
});
}
为了实现您在 ASP.NET Core 3.1 中描述的功能,我Startup按以下方式配置身份验证:
services.ConfigureApplicationCookie(o =>
{
...
o.ExpireTimeSpan = TimeSpan.FromMinutes(30);
o.SlidingExpiration = true;
...
o.Events.OnSigningIn = ctx =>
{
if (ctx.Properties.IsPersistent)
{
var issued = ctx.Properties.IssuedUtc ?? DateTimeOffset.UtcNow;
ctx.Properties.ExpiresUtc = issued.AddDays(14);
}
return Task.FromResult(0);
};
});
使用OnSigningIn回调,如果单击“isPersistent”复选框,我将到期日期明确设置为现在 + 14 天。
| 归档时间: |
|
| 查看次数: |
27105 次 |
| 最近记录: |