【发布时间】:2020-08-11 00:46:47
【问题描述】:
问题
我有一个在本地 IIS 上运行 Identity 的 ASP.NET Core 3.1 应用程序,它的配置如下,如您所见,cookie 配置为持续 3 小时:
Startup.cs
public void ConfigureServices(IServiceCollection services)
{
services.Configure<IdentityOptions>(options =>
{
options.Password.RequireDigit = true;
options.Password.RequireNonAlphanumeric = true;
options.Password.RequireUppercase = true;
options.Password.RequireLowercase = true;
options.Password.RequiredLength = 8;
});
services.ConfigureApplicationCookie(options =>
{
options.Cookie.MaxAge = TimeSpan.FromHours(3);
options.Cookie.Name = "CookieNameBlaBlaBla";
options.Cookie.HttpOnly = true;
options.ExpireTimeSpan = TimeSpan.FromHours(3);
options.LoginPath = new PathString("/login/login");
options.AccessDeniedPath = new PathString("/login/AccessDenied");
options.SlidingExpiration = true;
});
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
app.UseAuthentication();
app.UseAuthorization();
}
LoginController.cs
var result = await _signInManager.PasswordSignInAsync(formModel.Email, formModel.Password, true, lockoutOnFailure: false); // isPersistent forced to be TRUE
问题是应用程序在大约 30 分钟后注销用户,这不应该发生。
我查看了 Microsoft 的 Identity 文档,但没有发现任何错误或缺少什么。
谁能帮帮我?
解决方案
首先,您必须遵循一个命令,即: - 首先添加会话() - 然后 AddIdentity() 或 AddDefaultIdentity() - 以及配置方法
现在,我正在使用 cookie 会话。
Startup.cs 文件示例代码:
// First AddSession()
services.AddSession(options =>
{
options.IdleTimeout = TimeSpan.FromMinutes(3);
options.Cookie.MaxAge = TimeSpan.FromHours(3);
options.Cookie.Name = "SessionNameBlaBlaBla";
options.Cookie.HttpOnly = true;
options.Cookie.Expiration = TimeSpan.FromHours(3);
});
// Then AddIdentity() or AddDefaultIdentity()
services.AddIdentity<User, UserRole>(options =>
{
// Password settings.
options.Password.RequireDigit = true;
options.Password.RequireNonAlphanumeric = false;
options.Password.RequireUppercase = false;
options.Password.RequireLowercase = false;
options.Password.RequiredLength = 6;
}).AddDefaultTokenProviders();
// And the configure methods
services.ConfigureApplicationCookie(options =>
{
// Cookie settings
options.Cookie.MaxAge = TimeSpan.FromHours(3);
options.Cookie.Name = "CookieNameBlaBlaBla";
options.Cookie.HttpOnly = true;
options.LoginPath = new PathString("/login/login");
options.AccessDeniedPath = new PathString("/login/AccessDenied");
options.SlidingExpiration = true;
});
感谢@Deepak Mishra 对我的帮助。
【问题讨论】:
标签: asp.net asp.net-core .net-core asp.net-identity