ASP.NET Identity 2 Remember Me - User Is Being Log

2019-03-19 05:57发布

站内问答 / C#
1275 4 6

I am using Identity 2.1 in my MVC5 app. I am setting the isPersistent property of the PasswordSignInAsync to true to enable 'Remember Me':

var result = await SignInManager.PasswordSignInAsync(model.Username, 
  model.Password, 
  true, 
  shouldLockout: false);

But if I stay logged in overnight, then when I refresh the page in the morning, it logs me out and I have to sign in again. How do I prevent automatic logging out until the user manually logs out?

Is it something to do with the Cookie Authentication that identity uses? I don't really understand the CookieAuthenticationOptions that are set in Startup.Auth.cs.

new CookieAuthenticationProvider
{  
   OnValidateIdentity = SecurityStampValidator
      .OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
      validateInterval: TimeSpan.FromMinutes(30),
      regenerateIdentity: (manager, user)
      => user.GenerateUserIdentityAsync(manager))
}

4条回答
我只想做你的唯一
2楼-- · 2019-03-19 06:42

I think you should read this article . There are two different intervals: ValidateInterval and ExpireTimeSpan. And in your case i think you should change the expireTimeSpan, not the ValidateInterval.

查看更多
0人赞 添加讨论(0) 举报
趁早两清
3楼-- · 2019-03-19 06:43

There is an explanation for TimeSpan parameter in similar question. Simply use the infinite cookies, like this:

OnValidateIdentity = SecurityStampValidator
  .OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
  validateInterval: TimeSpan.FromMinutes(0),
  regenerateIdentity: (manager, user)
  => user.GenerateUserIdentityAsync(manager))

This is also needed for it to work correctly:

Call 

await UserManager.UpdateSecurityStampAsync(userId);

before 

AuthenticationManager.SignOut();
查看更多
0人赞 添加讨论(0) 举报
唯我独甜
4楼-- · 2019-03-19 06:45

I should write more. This strange code:

OnValidateIdentity = SecurityStampValidator
  .OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
  validateInterval: TimeSpan.FromMinutes(0),
  regenerateIdentity: (manager, user)
  => user.GenerateUserIdentityAsync(manager))

was causing my app to lost cookie after 1 day. I really don`t know why, but after excluding this code and adding a mashine key to my web.config "remember me" future is finally working right.

My current code is:

app.UseCookieAuthentication(new CookieAuthenticationOptions
{
   AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
   LoginPath = new PathString("/Account/Login"),
   ExpireTimeSpan = TimeSpan.FromDays(5)
});
查看更多
0人赞 添加讨论(0) 举报
再贱就再见
5楼-- · 2019-03-19 06:45

Form this post, the isPersistent parameter sets whether the authentication session is persisted across multiple requests.

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(6)