堆栈内存溢出
  简体   繁体   English

动态更改过期身份验证 cookie .net 核心身份

[英]change expiration auth cookie dynamically .net core identity

 原文  2020-02-19 10:24:58       c#/ cookies/ .net-core/ asp.net-core-webapi

问题描述

I have .NET Core 3.1 Web API app with .NET Core Identity.我有带有 .NET Core Identity 的 .NET Core 3.1 Web API 应用程序。 In Startup.cs I have the following code:Startup.cs我有以下代码:

services.ConfigureApplicationCookie(options =>
{
    options.ExpireTimeSpan = TimeSpan.FromHours(2);
});

But for some users I have different value of expiration time.但是对于某些用户,我有不同的到期时间值。

Can I overwrite expiration time of auth cookie dynamically?我可以动态覆盖 auth cookie 的过期时间吗? And if yes, what's the best way to do it?如果是,最好的方法是什么? Maybe there is an option in SignInManager<...> or UserManager<...> that allow to overwrite this value?也许SignInManager<...>UserManager<...>中有一个选项可以覆盖这个值?

2 个解决方案

解决方案1
 1  2020-02-20 04:47:40

The Cookies for Identity is AspNetCore.Identity.Application, and its ExpireTimeSpan is set by HandleSignInAsync . Identity Cookie 是 AspNetCore.Identity.Application,其 ExpireTimeSpan 由HandleSignInAsync设置。

You can use cookie's OnSigningIn event to dynamically set expire time for specific user :您可以使用 cookie 的OnSigningIn事件为特定用户动态设置过期时间:

services.ConfigureApplicationCookie(opt => {
    opt.Events.OnSigningIn = async (signinContext) => {

        // you can use the pricipal to query claims 
        var email = signinContext.Principal.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Name).Value;
        if ("xxxx@hotmail.com".Equals(email))
        {
            // set the expiration time according to claims dynamically 
            signinContext.Properties.ExpiresUtc = DateTimeOffset.Now.AddSeconds(100);
            signinContext.CookieOptions.Expires = signinContext.Properties.ExpiresUtc?.ToUniversalTime();
        }
        else
        {
            signinContext.Properties.ExpiresUtc = DateTimeOffset.Now.AddMinutes(60);
            signinContext.CookieOptions.Expires = signinContext.Properties.ExpiresUtc?.ToUniversalTime();
        }      

    };
});

解决方案2
 0  2020-02-20 09:15:41

I use this way:我用这种方式:

await this._signInManager.SignInAsync(user, new Microsoft.AspNetCore.Authentication.AuthenticationProperties
{
    ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(60)
});

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何在 .Net Core 3.1 Identity Server 4 中更改持久性 Cookie 过期时间 - How to Change Persistent Cookie Expiration Time in .Net Core 3.1 Identity Server 4 基于角色的.NET Core动态身份验证Cookie - .NET Core Dynamic Expiration of Identity Cookie Based On Role ASP.NET 使用 Identity Server JWT 和 Auth Cookie 进行核心身份验证 - ASP.NET Core authenticating with Identity Server JWT and Auth Cookie 基于 IPAddress 和客户端设备在 asp.net 核心 3.1 身份中设置 Cookie Expiration 时间跨度 - Set Cookie Expiration time span based on IPAddress and client device in asp.net core 3.1 identity Asp net Core Identity 令牌认证过期 - Asp net Core Identity token authentication expiration ASP.NET 核心。 如何在没有身份用户帐户的情况下创建身份验证 cookie? - ASP.NET Core. How can i create an auth cookie without an identity user account? .NET Core 3 Cookie 身份验证未设置身份 - .NET Core 3 Cookie Authentication not setting identity 没有身份验证Asp.net核心的Cookie - Cookie without Identity Asp.net core ASP.NET核心身份3 Cookie超时 - ASP.NET Core Identity 3 Cookie timeout .NET CORE 2.2 身份 + WebAPI 基本身份验证 - .NET CORE 2.2 Identity + Basic Auth for WebAPI
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM