Mic*_*ali 9 c# forms-authentication remember-me
我正在使用ASP.NET表单身份验证将用户登录到我们正在开发的网站.
部分功能是"记住我"复选框,如果用户检查,则会记住用户一个月.
用户登录的代码如下:
public static void Login(HttpResponse response, string username,
bool rememberMeChecked)
{
FormsAuthentication.Initialize();
FormsAuthenticationTicket tkt = new FormsAuthenticationTicket(1, username, DateTime.Now,
DateTime.Now.AddMinutes(30), rememberMeChecked,
FormsAuthentication.FormsCookiePath);
HttpCookie ck = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(tkt));
ck.Path = FormsAuthentication.FormsCookiePath;
if (rememberMe)
ck.Expires = DateTime.Now.AddMonths(1);
response.Cookies.Add(ck);
}
web.config中的相关部分是这样的:
<authentication mode="Forms">
<forms loginUrl="Home.aspx" defaultUrl="~/" slidingExpiration="true" timeout="43200" />
</authentication>
这会记录用户正常但如果他们不使用该网站则在半小时后将其记录下来,尽管其持久性属性(rememberMeChecked)设置为true,如果为true,则cookie设置为在一个月后过期.这里有什么我想念的吗?
在此先感谢,F
看起来您的身份验证票据仍然配置为在半小时后过期,即使cookie本身在30天后到期.您可能还需要延长票证的生命周期:
public static void Login(HttpResponse response, string username,
bool rememberMeChecked)
{
DateTime expiration = DateTime.Now.AddMinutes(30);
if (rememberMe) {
expiration = DateTime.Now.AddMonths(1);
}
FormsAuthentication.Initialize();
FormsAuthenticationTicket tkt = new FormsAuthenticationTicket(1, username,
DateTime.Now, expiration, rememberMeChecked,
FormsAuthentication.FormsCookiePath);
HttpCookie ck = new HttpCookie(FormsAuthentication.FormsCookieName,
FormsAuthentication.Encrypt(tkt));
ck.Path = FormsAuthentication.FormsCookiePath;
response.Cookies.Add(ck);
}
| 归档时间: |
|
| 查看次数: |
17617 次 |
| 最近记录: |