堆棧內存溢出
  簡體   English   中英

帶有Identity的ASP.NET Core 2.0中的Cookie過期

[英]Cookie expiry in ASP.NET Core 2.0 with Identity

 原文  2017-08-25 06:31:48       asp.net/ .net/ asp.net-core/ asp.net-identity/ asp.net-core-2.0

問題描述

環境:ASP.NET Core 2.0,與cookie的身份。

Startup.ConfigureServices()有這樣的: 

services.ConfigureApplicationCookie(options => {
  options.ExpireTimeSpan = TimeSpan.FromDays(14);
  options.Cookie.Expiration = TimeSpan.FromDays(14);
});

第一個來自CookieAuthenticationOptions 第二個來自CookieBuilder 文檔還提到了Microsoft.AspNetCore.Http.CookieOptions.Expires (雖然它在lambda中不可用)。

這些有什么區別? 在Core2中設置到期時間的正確方法是什么?

2 個解決方案

解決方案1
 3  2017-08-25 12:11:32

以下是我用來設置我使用的測試應用程序中的cookie的到期時間。 

public class Startup
{
    ...

    // This method gets called by the runtime. Use this method to add services to the container
    public void ConfigureServices(IServiceCollection services)
    {
        // Add framework services.
        ...

        ...  // before services.AddMvc();!
        services.AddAuthentication().AddCookie(options => {
            options.Cookie.Expiration = TimeSpan.FromDays(14);
            options.Cookie.SameSite = Microsoft.AspNetCore.Http.SameSiteMode.Strict;
            options.Cookie.Name = "MyCookieName";
            options.LoginPath = "/Account/Login";
            options.AccessDeniedPath = "/Account/Forbidden";
        });

        // OR Perhaps, this could be what you need
        services.ConfigureApplicationCookie(options =>
        {
            options.Cookie.Expiration = TimeSpan.FromDays(150);
            options.Cookie.SameSite = Microsoft.AspNetCore.Http.SameSiteMode.Strict;
            options.Cookie.Name = "MyCookieName";
            options.LoginPath = "/Account/Login";
            options.AccessDeniedPath = "/Account/Forbidden";
        });
        ...
    }

    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline
    public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
    {
        ... // before app.UseMvc();!
        app.UseAuthentication();
        // WAS -> app.UseCookieAuthentication();
        ...
    }
    ...
}

我認為這應該讓你朝着正確的方向前進。

這對我有用,我還沒有發現任何問題。 雖然,自Core 2.0 RTM起僅僅幾周了。 :)

希望這可以幫助。

解決方案2
 1  2018-02-13 09:09:40

這段代碼適合我。 只有第二個塊會更改cookie過期 

services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
        .AddCookie(options =>
        {
            // Cookie settings
            options.Cookie.HttpOnly = true;
            options.Cookie.SameSite = SameSiteMode.Strict;
            options.Cookie.SecurePolicy = CookieSecurePolicy.Always;
            options.LoginPath = "/Account/Login";
            options.LogoutPath = "/Account/Logout";
            options.AccessDeniedPath = "/Account/AccessDenied";
        });

        services.ConfigureApplicationCookie(options =>
        {
            // Cookie settings, only this changes expiration
            options.Cookie.HttpOnly = true;
            options.Cookie.Expiration = TimeSpan.FromDays(150);
            options.ExpireTimeSpan = TimeSpan.FromDays(150);
        });

暫無
暫無

聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.

相關問題 ASP.NET Core 2.0中的防偽cookie 沒有身份的 ASP.NET Core 2.0 Cookie 身份驗證不指向 LoginPath ASP.NET Identity 2.0解密Owin cookie 沒有Identity ASP.NET Core v2的Cookie中間件 使用asp.net核心身份將數據存儲在cookie中 使用ASP.NET Core Identity將令牌保存在Cookie中 如何為ASP.NET Core Identity cookie設置路徑 頁面上的Cookie身份驗證問題請求ASP.NET Core和身份 Asp.net核心2.0 Angular模板:添加身份和身份驗證 沒有身份的ASP.NET Core 2.0 Bearer Auth
相關標簽
 
粵ICP備18138465號  © 2020-2024 STACKOOM.COM