我似乎无法理解 Identity 2.0 和 cookies 的工作方式。 ASP.NET MVC 5。
我想要的是:
如果用户登录并选中“记住我”复选框,我不希望他永远退出。但是发生的情况是:用户在一定时间跨度后退出。
如果用户在时间跨度之前关闭浏览器,“记住我”功能就会起作用。 (当他重新打开网站时,他仍然处于登录状态。)
这是我用于登录的代码:
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
if (!ModelState.IsValid)
{
return View(model);
}
// Require the user to have confirmed their email before they can log on.
var user = await UserManager.FindByNameAsync(model.Email);
if (user != null)
{
if (!await UserManager.IsEmailConfirmedAsync(user.Id))
{
await SendEmailConfirmationTokenAsync(user.Id);
ModelState.AddModelError("", "Gelieve eerst je e-mailadres te bevestigen.");
return View(model);
}
}
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, change to shouldLockout: true
var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: true);
switch (result)
{
case SignInStatus.Success:
return RedirectToLocal(returnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Ongeldige aanmeldpoging.");
return View(model);
}
}
这是 Startup.Auth 中的代码:
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
ExpireTimeSpan = TimeSpan.FromMinutes(5),
Provider = new CookieAuthenticationProvider
{
// Enables the application to validate the security stamp when the user logs in.
// This is a security feature which is used when you change a password or add an external login to your account.
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser, int>(
validateInterval: TimeSpan.FromMinutes(10),
regenerateIdentityCallback: (manager, user) => user.GenerateUserIdentityAsync(manager),
getUserIdCallback: (id) => (id.GetUserId<int>()))
}
});
因此,我希望用户在 5 分钟后不会注销,因为 isPersistent 标志是在 PasswordSignInAsync 函数中设置的。
谢谢你的帮助。