[英]Cookie expiry in ASP.NET Core 2.0 with Identity
環境:ASP.NET Core 2.0,與cookie的身份。
在Startup.ConfigureServices()
有這樣的:
services.ConfigureApplicationCookie(options => {
options.ExpireTimeSpan = TimeSpan.FromDays(14);
options.Cookie.Expiration = TimeSpan.FromDays(14);
});
第一個來自CookieAuthenticationOptions
。 第二個來自CookieBuilder
。 文檔還提到了Microsoft.AspNetCore.Http.CookieOptions.Expires
(雖然它在lambda中不可用)。
這些有什么區別? 在Core2中設置到期時間的正確方法是什么?
以下是我用來設置我使用的測試應用程序中的cookie的到期時間。
public class Startup
{
...
// This method gets called by the runtime. Use this method to add services to the container
public void ConfigureServices(IServiceCollection services)
{
// Add framework services.
...
... // before services.AddMvc();!
services.AddAuthentication().AddCookie(options => {
options.Cookie.Expiration = TimeSpan.FromDays(14);
options.Cookie.SameSite = Microsoft.AspNetCore.Http.SameSiteMode.Strict;
options.Cookie.Name = "MyCookieName";
options.LoginPath = "/Account/Login";
options.AccessDeniedPath = "/Account/Forbidden";
});
// OR Perhaps, this could be what you need
services.ConfigureApplicationCookie(options =>
{
options.Cookie.Expiration = TimeSpan.FromDays(150);
options.Cookie.SameSite = Microsoft.AspNetCore.Http.SameSiteMode.Strict;
options.Cookie.Name = "MyCookieName";
options.LoginPath = "/Account/Login";
options.AccessDeniedPath = "/Account/Forbidden";
});
...
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
... // before app.UseMvc();!
app.UseAuthentication();
// WAS -> app.UseCookieAuthentication();
...
}
...
}
我認為這應該讓你朝着正確的方向前進。
這對我有用,我還沒有發現任何問題。 雖然,自Core 2.0 RTM起僅僅幾周了。 :)
希望這可以幫助。
這段代碼適合我。 只有第二個塊會更改cookie過期
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(options =>
{
// Cookie settings
options.Cookie.HttpOnly = true;
options.Cookie.SameSite = SameSiteMode.Strict;
options.Cookie.SecurePolicy = CookieSecurePolicy.Always;
options.LoginPath = "/Account/Login";
options.LogoutPath = "/Account/Logout";
options.AccessDeniedPath = "/Account/AccessDenied";
});
services.ConfigureApplicationCookie(options =>
{
// Cookie settings, only this changes expiration
options.Cookie.HttpOnly = true;
options.Cookie.Expiration = TimeSpan.FromDays(150);
options.ExpireTimeSpan = TimeSpan.FromDays(150);
});
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.