[英]cookie not working for remember me in asp.net
我使用以下代碼登錄網站:
var userId = User.UserId;
var userData = userId.ToString(CultureInfo.InvariantCulture);
var authTicket = new FormsAuthenticationTicket(1, userName, DateTime.Now, DateTime.Now.AddMinutes(30), persistanceFlag, userData, FormsAuthentication.FormsCookiePath);
var encTicket = FormsAuthentication.Encrypt(authTicket);
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket);
if (authTicket.IsPersistent)
{
cookie.Expires = DateTime.Now.AddMonths(6);
}
並在web.config和以下代碼中使用machinekey:
<sessionState mode="InProc" timeout="20" cookieless="UseCookies" />
<httpCookies httpOnlyCookies="true" />
<authentication mode="Forms">
<forms loginUrl="~/Login.aspx" timeout="2880" cookieless="UseCookies" />
</authentication>
但是請記住我沒有工作! 我在瀏覽器中檢查cookie,.ASPXAUTH已保存,並且日期過期是可以的。 但是幾分鍾后,asp.net不能使用cookie的瀏覽器,記住我無法正常工作!
您還希望將cookie到期時間設置為與票證到期時間相同。
...
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)
{
HttpOnly = true,
Secure = FormsAuthentication.RequireSSL,
Path = FormsAuthentication.FormsCookiePath
};
if (authTicket.IsPersistent)
{
cookie.Expires = encTicket.Expiration;
}
if (FormsAuthentication.CookieDomain != null)
{
cookie.Domain = FormsAuthentication.CookieDomain;
}
Response.Cookies.Add(cookie);
FYI:您可能想要刪除timeout="20"
和cookieless="UseCookies"
這是默認值 。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.