Menu
here is web site with asp.net core 3.0.
I use CookieAuthentication and set cookie expire time as below:
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(options =>
{
options.LoginPath = "/Home/Index/";
options.ReturnUrlParameter = "returnUrl";
options.Cookie.Name = "pa-lg";
options.Cookie.IsEssential = true;
options.SlidingExpiration = true;
options.ExpireTimeSpan = TimeSpan.FromHours(1);
});
services.AddAntiforgery(options =>
{
options.HeaderName = "X-CSRF-TOKEN";
options.Cookie.Name = "pa-tk";
options.Cookie.IsEssential = true;
options.Cookie.Expiration = TimeSpan.FromHours(1);
});
services.Configure<CookieTempDataProviderOptions>(options => options.Cookie.Name = "pa-tmp");
services.AddSession(options =>
{
options.IdleTimeout = TimeSpan.FromHours(1);
});
In the login action:
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme,
principal,
new AuthenticationProperties
{
IsPersistent = true,
ExpiresUtc = DateTime.Now.AddMinutes(60)
});
I expect that if you don't work with the site for an hour, you will need to log in again, but after about 15 minutes, the user will need to log in.
Why?
855
I found solution here:
Asp.Net core “remember me” persistent cookie not works after deploy
add below code in the Startup solved problem:
public Startup(IConfiguration configuration, IWebHostEnvironment environment)
{
Configuration = configuration;
Environment = environment;
}
public IConfiguration Configuration { get; }
public IWebHostEnvironment Environment { get; }
services.AddDataProtection()
.SetApplicationName($"my-app-{Environment.EnvironmentName}")
.PersistKeysToFileSystem(new DirectoryInfo($@"{Environment.ContentRootPath}\keys"));
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With