[英]Cookie expiry in ASP.NET Core 2.0 with Identity
环境:ASP.NET Core 2.0,与cookie的身份。
在Startup.ConfigureServices()
有这样的:
services.ConfigureApplicationCookie(options => {
options.ExpireTimeSpan = TimeSpan.FromDays(14);
options.Cookie.Expiration = TimeSpan.FromDays(14);
});
第一个来自CookieAuthenticationOptions
。 第二个来自CookieBuilder
。 文档还提到了Microsoft.AspNetCore.Http.CookieOptions.Expires
(虽然它在lambda中不可用)。
这些有什么区别? 在Core2中设置到期时间的正确方法是什么?
以下是我用来设置我使用的测试应用程序中的cookie的到期时间。
public class Startup
{
...
// This method gets called by the runtime. Use this method to add services to the container
public void ConfigureServices(IServiceCollection services)
{
// Add framework services.
...
... // before services.AddMvc();!
services.AddAuthentication().AddCookie(options => {
options.Cookie.Expiration = TimeSpan.FromDays(14);
options.Cookie.SameSite = Microsoft.AspNetCore.Http.SameSiteMode.Strict;
options.Cookie.Name = "MyCookieName";
options.LoginPath = "/Account/Login";
options.AccessDeniedPath = "/Account/Forbidden";
});
// OR Perhaps, this could be what you need
services.ConfigureApplicationCookie(options =>
{
options.Cookie.Expiration = TimeSpan.FromDays(150);
options.Cookie.SameSite = Microsoft.AspNetCore.Http.SameSiteMode.Strict;
options.Cookie.Name = "MyCookieName";
options.LoginPath = "/Account/Login";
options.AccessDeniedPath = "/Account/Forbidden";
});
...
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
... // before app.UseMvc();!
app.UseAuthentication();
// WAS -> app.UseCookieAuthentication();
...
}
...
}
我认为这应该让你朝着正确的方向前进。
这对我有用,我还没有发现任何问题。 虽然,自Core 2.0 RTM起仅仅几周了。 :)
希望这可以帮助。
这段代码适合我。 只有第二个块会更改cookie过期
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(options =>
{
// Cookie settings
options.Cookie.HttpOnly = true;
options.Cookie.SameSite = SameSiteMode.Strict;
options.Cookie.SecurePolicy = CookieSecurePolicy.Always;
options.LoginPath = "/Account/Login";
options.LogoutPath = "/Account/Logout";
options.AccessDeniedPath = "/Account/AccessDenied";
});
services.ConfigureApplicationCookie(options =>
{
// Cookie settings, only this changes expiration
options.Cookie.HttpOnly = true;
options.Cookie.Expiration = TimeSpan.FromDays(150);
options.ExpireTimeSpan = TimeSpan.FromDays(150);
});
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.