[英]ASP.Net Core Identity - Unable to stay logged in for more than 20 mintues - IIS 7.5
將使用Identity的ASP.Net Core應用程序部署到Windows 2008 R2(IIS 7.5)之后,大約20分鍾不活動后,我無法保持登錄狀態。 我只使用簡單的用戶名/密碼身份驗證,沒有第三方的東西。
在運行VS 2017的Dev計算機上這不是問題。
AccountController.cs
public async Task<IActionResult> Login(LoginViewModel model, string returnUrl = null)
{
ViewData["ReturnUrl"] = returnUrl;
if (ModelState.IsValid)
{
var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, true, lockoutOnFailure: false);
if (result.Succeeded)
{
_logger.LogInformation(1, "User logged in.");
return RedirectToLocal(returnUrl);
}
if (result.RequiresTwoFactor)
{
return RedirectToAction(nameof(SendCode), new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
}
if (result.IsLockedOut)
{
_logger.LogWarning(2, "User account locked out.");
return View("Lockout");
}
else
{
ModelState.AddModelError(string.Empty, "Invalid login attempt.");
return View(model);
}
}
return View(model);
}
任何幫助,感激不盡。
編輯這里是我的ConfigureServices方法的全部內容。 它具有可能相關的授權策略。
public void ConfigureServices(IServiceCollection services)
{
// Add framework services.
services.AddDbContext<ApplicationDbContext>(options =>
options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));
services.AddIdentity<ApplicationUser, ApplicationRole>()
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddDefaultTokenProviders();
services.AddAuthorization(options =>
{
options.AddPolicy("UserOnly", policy => policy.RequireRole("User"));
options.AddPolicy("InstructorOnly", policy => policy.RequireRole("Instructor"));
options.AddPolicy("AdminOnly", policy => policy.RequireRole("Admin"));
options.AddPolicy("SystemManagerOnly", policy => policy.RequireRole("Manager"));
});
services.AddMvc(config =>
{
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
config.Filters.Add(new AuthorizeFilter(policy));
});
// Add application services.
services.AddTransient<IEmailSender, AuthMessageSender>();
services.AddTransient<ISmsSender, AuthMessageSender>();
// Configure Identity
services.Configure<IdentityOptions>(options =>
{
// Password settings
options.Password.RequireDigit = true;
options.Password.RequiredLength = 8;
options.Password.RequireNonAlphanumeric = false;
options.Password.RequireUppercase = false;
options.Password.RequireLowercase = false;
// Lockout settings
options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(240);
options.Lockout.MaxFailedAccessAttempts = 10;
// Cookie settings
options.Cookies.ApplicationCookie.ExpireTimeSpan = TimeSpan.FromDays(15);
options.Cookies.ApplicationCookie.LoginPath = "/Account/LogIn";
options.Cookies.ApplicationCookie.LogoutPath = "/Account/LogOff";
options.Cookies.ApplicationCookie.SlidingExpiration = true;
// User settings
options.User.RequireUniqueEmail = true;
});
var appSettings = Configuration.GetSection("AppSettings");
services.Configure<AppSettings>(appSettings);
// Inject the ability to get current user
services.AddTransient<IHttpContextAccessor, HttpContextAccessor>();
// Inject the User access class
services.AddTransient<UserResolverService>();
}
這是Chrome開發工具的屏幕截圖,顯示了響應/請求cookie。 “登錄”頁面似乎發送了正確的cookie,該cookie的到期日為15天。 隨后的頁面使用此Cookie進行調用。
_signInManager.PasswordSignInAsync創建這樣的cookie
Set-Cookie: .AspNetCore.Identity.Application=<cookie value>; expires=Fri, 14 Jul 2017 02:59:56 GMT; path=/; httponly
下次您發出請求時,如果它在過期時間戳記之內,則應發送此cookie。
您是否編寫了一些自定義授權策略 ? 同樣在您的應用程序中,是否在會話中存儲任何內容和/或任何全局變量,然后在登錄時進行檢查?
IIS的默認IdleTimeout是20分鍾。每當任何工作進程閑置超過20分鍾時,IIS都會關閉該進程。當下一個請求到來時,它將自動啟動工作進程。您可以配置更高的超時時間或無限的超時時間用於應用程序池
由於某些非常奇怪的原因,我不再看到此問題。
我對配置或代碼所做的唯一更改是配置IIS版本日志以啟用cs(Cookie)。
感謝您的幫助@Rohith Rajan
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.