I have the following code:
public void ConfigureAuth(IAppBuilder app)
{
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
ExpireTimeSpan = System.TimeSpan.FromMinutes(1),
LoginPath = new PathString("/Account/Login"),
LogoutPath = new PathString("/Account/LogOff")
});
But login session active more than 1 minute. Also, LogoutPath is not called when time is expired. Why?
It does expire.
Make sure you do not have any background ajax activity as it extends the session (SlidingExpiration
is true by default).
Also I had to manually delete the old cookie after I changed ExpireTimeSpan
from the default 14 days to a smaller value.
You must set IsPersistent to true otherwise you don't run code
ClaimsIdentity claimsIdentity = new ClaimsIdentity(Claims, CookieAuthenticationDefaults.AuthenticationScheme);
var authProperties = new AuthenticationProperties
{
IsPersistent = true
};
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity), authProperties);
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With