FormsAuthenticationTicket.expiration v web.config值超时

Question

这是一个MVC2网站,我遇到了FormsAuthentication票证的问题.30分钟后用户超时无法重新登录.在测试期间,DateTime.Now.AddMinutes(30)值设定为5000,一切正常,但是现在改为30,这是再当问题开始

从cookie创建

 FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
            1,
            user.UserID,
            DateTime.Now,
            DateTime.Now.AddMinutes(30),
            false,
            "user,user1",
            FormsAuthentication.FormsCookiePath);

Web.config文件

<authentication mode="Forms">
  <forms loginUrl="~/Account.mvc/LogOn" timeout="2880" name=".ASPXFORMSAUTH" />
</authentication>

票证创建中的到期值是否必须> = web.config值？

Answer 1

由于您是手动创建身份验证cookie,因此完全忽略web.config中的超时值.所以我建议你有相同的价值:

var ticket = new FormsAuthenticationTicket(
    1,
    user.UserID,
    DateTime.Now,
    DateTime.Now.AddMinutes(FormsAuthentication.Timeout.TotalMinutes),
    false,
    "user,user1",
    FormsAuthentication.FormsCookiePath
);
var encryptedTicket = FormsAuthentication.Encrypt(ticket);
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)
{
    HttpOnly = true,
    Secure = FormsAuthentication.RequireSSL,
    Path = FormsAuthentication.FormsCookiePath,
    Domain = FormsAuthentication.CookieDomain
};
Response.AppendCookie(cookie);