我使用Asp.Net Identity来控制我的应用程序的授权。现在,我需要这样做:如果用户在30分钟内没有操作,请跳转到登录页面,当他登录时不选择“isPersistent”复选框。并且,如果他选择“isPersistent”复选框,请将Cookie的到期日期设置为14天。我尝试通过像这样更改Startup.Auth.cs来做到这一点:
public void ConfigureAuth(IAppBuilder app)
{
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
SlidingExpiration = true,
CookieName = WebHelpers.ConstStrings.AUTHCOOKIESNAME
});
}
和SignIn代码如下:
private async Task SignInAsync(User user, bool isPersistent)
{
AuthenticationManager.SignOut(DefaultAuthenticationTypes.ExternalCookie);
var identity = await UserManager.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie);
if (isPersistent)
{
AuthenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = isPersistent }, identity);
}
else
{
AuthenticationManager.SignIn(new AuthenticationProperties() { ExpiresUtc = new DateTimeOffset(DateTime.UtcNow.AddMinutes(30)) }, identity);
}
}
但是我发现当用户没有选择isPersistent复选框时,cookies的到期日期已经是“会话”,而不是当前时间加上30分钟。
使用像之后的代码时的cookie状态,所以'记住我'复选框无法正常工作。:(。
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
ExpireTimeSpan = TimeSpan.FromMinutes(30),
SlidingExpiration = true,
CookieName = WebHelpers.ConstStrings.AUTHCOOKIESNAME
});
如果IsPersistent
的AuthenticationProperties
属性设置为false,则cookie到期时间设置为Session。
如果选中复选框“记住我”,那么AuthenticationManager.SignIn(new AuthenticationProperties{ IsPersistent = true }, userIdentity);
将创建一个cookie,其有效期等于你在ExpireTimeSpan
中设置的Startup.cs
(默认为14天)。
如果未选中复选框“记住我”,则必须使用AuthenticationManager.SignIn(new AuthenticationProperties{ IsPersistent = true, ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(30)}, userIdentity);
。再次IsPersistent
设置为true但现在我们给ExpiresUtc一个值,所以它不使用来自CookieAuthenticationOptions
的Startup.cs
。
public override async Task SignInAsync(ApplicationUser user, bool isPersistent, bool rememberBrowser)
{
var userIdentity = await CreateUserIdentityAsync(user).WithCurrentCulture();
// Clear any partial cookies from external or two factor partial sign ins
AuthenticationManager.SignOut(DefaultAuthenticationTypes.ExternalCookie, DefaultAuthenticationTypes.TwoFactorCookie);
if (rememberBrowser)
{
var rememberBrowserIdentity = AuthenticationManager.CreateTwoFactorRememberBrowserIdentity(ConvertIdToString(user.Id));
AuthenticationManager.SignIn(new AuthenticationProperties { IsPersistent = isPersistent }, userIdentity, rememberBrowserIdentity);
}
else
{
//AuthenticationManager.SignIn(new AuthenticationProperties { IsPersistent = isPersistent }, userIdentity);
if (isPersistent)
{
AuthenticationManager.SignIn(new AuthenticationProperties { IsPersistent = true }, userIdentity);
}
else
{
AuthenticationManager.SignIn(new AuthenticationProperties { IsPersistent = true, ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(30) }, userIdentity);
}
}
}
用这个...
public void ConfigureAuth(IAppBuilder app)
{
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
ExpireTimeSpan = TimeSpan.FromHours(1),
});
}
我有同样的问题,这个代码适用于我(在Startup.cs文件内)..
services.Configure<IdentityOptions>(options =>
{
options.Cookies.ApplicationCookie.ExpireTimeSpan = TimeSpan.FromDays(9999);
});
这为持久性cookie增加了大约27年(或永不过期)。
注意:如果你想要更少的到期时间,你可以使用TimeSpan.FromMinutes(1);
1分钟或TimeSpan.FromSeconds(30);
30秒等。