使用 asp.net identity 2.0 会话过期后,我的用户未注销
My user isn't logged out after the session expires using asp.net identity 2.0
我有一个使用身份 2 进行身份验证的 MVC 应用程序。登录后,如果我关闭浏览器,然后再次打开应用程序,会出现3个问题。
- 用户没有被重定向到登录页面
- 该会话仍包含声明中的一些用户详细信息
- 会话缺少声明中不属于身份框架的其他自定义信息
我正在使用 IIS 运行 Windows 服务器上的应用程序,但我可以在我的本地开发环境中重现该问题
在我调试问题时,cookie 中的会话和服务器上的会话都设置为 1 分钟后过期
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString(url.Action("LogIn","Auth")),
Provider = new CookieAuthenticationProvider
{
// Enables the application to validate the security stamp when the user logs in.
// This is a security feature which is used when you change a password or add an external login to your account.
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, User>(
validateInterval: TimeSpan.FromMinutes(1),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
},
CookieName = "MyApplication"
});
问题是我从未将 cookie 设置为过期,添加以下 2 行解决了我遇到的问题
SlidingExpiration = true,
ExpireTimeSpan = TimeSpan.FromMinutes(30)
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString(url.Action("LogIn","Auth")),
Provider = new CookieAuthenticationProvider
{
// Enables the application to validate the security stamp when the user logs in.
// This is a security feature which is used when you change a password or add an external login to your account.
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, User>(
validateInterval: TimeSpan.FromMinutes(30),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
},
CookieName = "MyApplication",
SlidingExpiration = true,
ExpireTimeSpan = TimeSpan.FromMinutes(30)
});
我有一个使用身份 2 进行身份验证的 MVC 应用程序。登录后,如果我关闭浏览器,然后再次打开应用程序,会出现3个问题。
- 用户没有被重定向到登录页面
- 该会话仍包含声明中的一些用户详细信息
- 会话缺少声明中不属于身份框架的其他自定义信息
我正在使用 IIS 运行 Windows 服务器上的应用程序,但我可以在我的本地开发环境中重现该问题
在我调试问题时,cookie 中的会话和服务器上的会话都设置为 1 分钟后过期
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString(url.Action("LogIn","Auth")),
Provider = new CookieAuthenticationProvider
{
// Enables the application to validate the security stamp when the user logs in.
// This is a security feature which is used when you change a password or add an external login to your account.
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, User>(
validateInterval: TimeSpan.FromMinutes(1),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
},
CookieName = "MyApplication"
});
问题是我从未将 cookie 设置为过期,添加以下 2 行解决了我遇到的问题
SlidingExpiration = true,
ExpireTimeSpan = TimeSpan.FromMinutes(30)
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString(url.Action("LogIn","Auth")),
Provider = new CookieAuthenticationProvider
{
// Enables the application to validate the security stamp when the user logs in.
// This is a security feature which is used when you change a password or add an external login to your account.
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, User>(
validateInterval: TimeSpan.FromMinutes(30),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
},
CookieName = "MyApplication",
SlidingExpiration = true,
ExpireTimeSpan = TimeSpan.FromMinutes(30)
});