[英]My user isn't logged out after the session expires using asp.net identity 2.0
我有一个使用身份2进行身份验证的MVC应用程序。 登录后,如果关闭浏览器,然后再次打开应用程序,则会出现3个问题。
我正在使用IIS在Windows Server上运行该应用程序,但是我可以在本地开发环境中重现该问题。
我调试问题时,cookie和服务器上的会话均设置为1分钟后过期
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString(url.Action("LogIn","Auth")),
Provider = new CookieAuthenticationProvider
{
// Enables the application to validate the security stamp when the user logs in.
// This is a security feature which is used when you change a password or add an external login to your account.
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, User>(
validateInterval: TimeSpan.FromMinutes(1),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
},
CookieName = "MyApplication"
});
问题是我从未将Cookie设置为过期,添加以下两行可解决我遇到的问题
SlidingExpiration = true,
ExpireTimeSpan = TimeSpan.FromMinutes(30)
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString(url.Action("LogIn","Auth")),
Provider = new CookieAuthenticationProvider
{
// Enables the application to validate the security stamp when the user logs in.
// This is a security feature which is used when you change a password or add an external login to your account.
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, User>(
validateInterval: TimeSpan.FromMinutes(30),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
},
CookieName = "MyApplication",
SlidingExpiration = true,
ExpireTimeSpan = TimeSpan.FromMinutes(30)
});
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.