stackoom
  简体   繁体   中英

ASP.NET Identity 2 Remember Me - User Is Being Logged Out

 原文  2015-01-05 23:00:58       c#/ asp.net-mvc-5/ remember-me/ asp.net-identity-2

Question

I am using Identity 2.1 in my MVC5 app. I am setting the isPersistent property of the PasswordSignInAsync to true to enable 'Remember Me':

var result = await SignInManager.PasswordSignInAsync(model.Username, 
  model.Password, 
  true, 
  shouldLockout: false);

But if I stay logged in overnight, then when I refresh the page in the morning, it logs me out and I have to sign in again. How do I prevent automatic logging out until the user manually logs out?

Is it something to do with the Cookie Authentication that identity uses? I don't really understand the CookieAuthenticationOptions that are set in Startup.Auth.cs.

new CookieAuthenticationProvider
{  
   OnValidateIdentity = SecurityStampValidator
      .OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
      validateInterval: TimeSpan.FromMinutes(30),
      regenerateIdentity: (manager, user)
      => user.GenerateUserIdentityAsync(manager))
}

5 answers

solution1
 13 ACCPTED  2015-04-16 08:14:42

I think you should read this article . There are two different intervals: ValidateInterval and ExpireTimeSpan . And in your case i think you should change the expireTimeSpan , not the ValidateInterval .

solution2
 2  2015-01-05 23:29:16

There is an explanation for TimeSpan parameter in similar question . Simply use the infinite cookies, like this:

OnValidateIdentity = SecurityStampValidator
  .OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
  validateInterval: TimeSpan.FromMinutes(0),
  regenerateIdentity: (manager, user)
  => user.GenerateUserIdentityAsync(manager))

This is also needed for it to work correctly:

Call

await UserManager.UpdateSecurityStampAsync(userId);

before

AuthenticationManager.SignOut();

solution3
 0  2017-09-21 01:47:00

这篇文章中isPersistent参数设置身份验证会话是否跨多个请求持久化。

solution4
 0  2020-07-17 08:24:22

I had this issue. It was caused by my custom UserStore not implementing IUserSecurityStampStore.

public Task<string> GetSecurityStampAsync(IdentityUser user)
{
    return Task.FromResult<string>(user.SecurityStamp);
}

Without a security stamp the SecurityStampValidator has nothing to validate and so logs out the user.

solution5
 -1  2015-04-28 07:58:31

I should write more. This strange code:

OnValidateIdentity = SecurityStampValidator
  .OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
  validateInterval: TimeSpan.FromMinutes(0),
  regenerateIdentity: (manager, user)
  => user.GenerateUserIdentityAsync(manager))

was causing my app to lost cookie after 1 day. I really don`t know why, but after excluding this code and adding a mashine key to my web.config "remember me" future is finally working right.

My current code is:

app.UseCookieAuthentication(new CookieAuthenticationOptions
{
   AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
   LoginPath = new PathString("/Account/Login"),
   ExpireTimeSpan = TimeSpan.FromDays(5)
});

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question ASP.NET create user and remember me asp.net core 2 identity “Remember me” does not work User gets automatically logged out 1-2 mins after being logged in ASP.NET “Remember Me” in ASP.Net User gets logged out with 'Remember me' My user isn't logged out after the session expires using asp.net identity 2.0 Make some clean up after user automatically logged out in Asp.Net Identity Asp.net Identity MVC, How to get logged in users' name in _Layout. User.Identity.Name gives me email Asp.net identity - How to maintain logged in user role? Asp.net Identity: change user role while logged in
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM