UPDATE:
这绝对不是 RC1 中的错误。 cookie 设置与默认的 UserManager 和 UserStore 一起使用,因此它一定与我的 UserManager/UserStore 有关,我已经监督过。我基本上使用这里的实现:https://github.com/jesblit/ASPNET5-FormAuthenticationLDAP https://github.com/jesblit/ASPNET5-FormAuthenticationLDAP
原帖:
我在持久登录方面遇到问题。无论我如何配置 cookie,30 分钟后,用户都会自动注销(无论用户与应用程序交互多少)。
我设置我的应用程序:
public void ConfigureServices(IServiceCollection services)
{
services.AddCaching();
services.AddSession(options => {
options.IdleTimeout = TimeSpan.FromDays(1);
options.CookieName = ".MySessionCookieName";
});
services.AddEntityFramework()
.AddNpgsql()
.AddDbContext<Model1>(options =>
options.UseNpgsql(Configuration["Data:DefaultConnection:ConnectionString"]));
services.AddIdentity<MinervaUser, MinervaRole>(options => {
options.Cookies.ApplicationCookie.ExpireTimeSpan = TimeSpan.FromDays(1);
options.Cookies.ApplicationCookie.SlidingExpiration = true;
options.Cookies.ApplicationCookie.AutomaticAuthenticate = true;
})
.AddUserStore<MinervaUserStore<MinervaUser>>()
.AddRoleStore<MinervaRoleStore<MinervaRole>>()
.AddUserManager<MinervaUserManager>();
services.AddMvc();
}
And:
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
if (env.IsDevelopment())
{
app.UseBrowserLink();
app.UseDeveloperExceptionPage();
app.UseDatabaseErrorPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
try
{
using (var serviceScope = app.ApplicationServices.GetRequiredService<IServiceScopeFactory>()
.CreateScope())
{
}
}
catch { }
}
app.UseIISPlatformHandler(options => { options.AuthenticationDescriptions.Clear(); options.AutomaticAuthentication = true; });
app.UseSession();
app.UseIdentity();
app.UseStaticFiles();
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller=Home}/{action=Index}/{id?}");
});
}
登录操作是:
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public async Task<IActionResult> Login(LoginViewModel model, string returnUrl = null)
{
ViewData["ReturnUrl"] = returnUrl;
if (ModelState.IsValid)
{
var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, lockoutOnFailure: false);
if (result.Succeeded)
{
_logger.LogInformation(1, "User logged in.");
return RedirectToLocal(returnUrl);
}
...
我正在使用默认的 SignInManager。如前所述,我在 Startup.Configure 和 Startup.ConfigureServices 中设置的过期超时根本没有效果。登录 -> 30 分钟 -> 自动注销:(
怎样做才能延长这个时间呢?
(之间:自定义用户、用户管理器、用户存储不会以任何方式干扰 Cookie,它们“只是”验证凭据(它们应该做什么;)))