堆栈内存溢出
  简体   繁体   English

Asp.Net Core 2.0 Cookie身份验证在时间之前到期

[英]Asp.Net Core 2.0 Cookie Authentication Expires Before Time

 原文  2018-11-16 18:18:17       c#/ authentication/ asp.net-core-2.0/ session-cookies

问题描述

I have an MVC Asp.Net Core 2.0 application that uses Cookie Authentication. 我有一个使用Cookie身份验证的MVC Asp.Net Core 2.0应用程序。 The problem is that the session expires ahead of time and redirects the user to the login path, forcing him to authenticate again. 问题是会话提前过期,并将用户重定向到登录路径,从而迫使他再次进行身份验证。

My Startup Class: 我的启动班:

ConfigureServices Method: ConfigureServices方法: 

const string schema = "adminScheme";

services.AddAuthentication(schema).AddCookie(schema, options =>
{
    options.AccessDeniedPath = new PathString("/Account/AcessoNegado");
    options.Cookie = new CookieBuilder
    {
        HttpOnly = true,
        Name = ".Admin.Security.Cookie",
        Path = "/",
        SameSite = SameSiteMode.Lax,
        SecurePolicy = CookieSecurePolicy.SameAsRequest
    };
    options.ExpireTimeSpan = TimeSpan.FromMinutes(480);
    options.LoginPath = new PathString("/Account/Login");
    options.LogoutPath = new PathString("/Account/Logout");
    options.ReturnUrlParameter = "RequestPath";
    options.SlidingExpiration = true;
});

on Configure Method: 在配置方法上: 

 app.UseAuthentication();

My Login Method: 我的登录方式: 

var cadastro = user.FirstOrDefault();
const string Issuer = "adminScheme";

List<Claim> claims = new List<Claim>
{
    new Claim(ClaimTypes.Name, cadastro.NomeUsuario, ClaimValueTypes.String, Issuer),
    new Claim("Idusuario",cadastro.Id.ToString(), ClaimValueTypes.String, Issuer),
    new Claim("IdtipoUsuario", cadastro.IdtipoUsuario.ToString(), ClaimValueTypes.String, Issuer)
};

ClaimsIdentity identity = new ClaimsIdentity(claims, "cookie");

ClaimsPrincipal principal = new ClaimsPrincipal(identity);

await HttpContext.SignInAsync(scheme: Issuer,
        principal: principal,
        properties: new AuthenticationProperties
        {
            IsPersistent = true,
            ExpiresUtc = DateTime.UtcNow.AddMinutes(480)
        });

return RedirectToLocal(returnUrl);

And I use the [Authorize] In My Controllers. 我在控制器中使用[授权]。

1 个解决方案

解决方案1
 1  2018-11-19 08:52:25

I just tried your code. 我刚试过你的代码。 If you're using the 2.0.x version, change your code as below : 如果您使用的是2.0.x版本,请如下更改代码: 

//ClaimsIdentity identity = new ClaimsIdentity(claims, "cookie");
ClaimsIdentity identity = new ClaimsIdentity(claims, "adminScheme");

And now it works flawlessly for me. 现在,它对我来说完美无瑕。

By the way, the version of 2.0 has already reached end of life on October 1, 2018. It is suggested to migrate to 2.1.x 顺便说一句, 2.0版本已在2018年10月1日终止生命。建议迁移到2.1.x

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用 cookie 身份验证的 ASP.NET Core 2.0 自定义中间件 - ASP.NET Core 2.0 custom middleware using cookie authentication ASP.Net core 2.0 Web API中的Cookie身份验证 - Cookie authentication in ASP.Net core 2.0 Web API 未设置 ASP.NET Core 2.0 身份验证 Cookie - ASP.NET Core 2.0 Authentication Cookie not set ASP.NET Core 2.0中的防伪cookie - Antiforgery cookie in ASP.NET Core 2.0 ASP.Net Core Cookie 身份验证不是持久的 - ASP.Net Core Cookie Authentication is not persistant Cookie身份验证ASP.NET核心 - Cookie Authentication ASP.NET Core ASP.NET Core 2.0动态身份验证 - ASP.NET Core 2.0 Dynamic Authentication ASP.NET Core 2.0身份验证中间件 - ASP.NET Core 2.0 authentication middleware ASP.NET Core 2.0身份验证不起作用 - ASP.NET Core 2.0 Authentication NOT Working 没有身份的 ASP.NET Core 2.0 Cookie 身份验证不指向 LoginPath - ASP.NET Core 2.0 Cookie Authentication without identity not directing to LoginPath
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM