持久cookie不会持续存在?

时间:2013-04-26 15:31:14

标签: c# asp.net webforms

我创建了一个Cookie:

   FormsAuthentication.SetAuthCookie(e.EmployeID.ToString(), true);

有了这个,我希望能够保持登录,直到我明确退出,但在30分钟后,我必须重新登录。

这是我的认证课程:

    public static class Authorization
    {
        public static bool Login(string username, string password, bool persist)
        {
            Employee e = ResourceManager.GetEmployeeByEmail(username);

            if (e == null || !ResourceManager.VerifyEmployeePassword(e.EmployeID, password))
            {
                return false;
            }

            FormsAuthentication.SetAuthCookie(e.EmployeID.ToString(), persist);
            return true;
        }

        public static void Logout()
        {
            FormsAuthentication.SignOut();
        }

        public static string GetUserId()
        {
            return HttpContext.Current.User.Identity.Name;
        }

        public static string GetUsername()
        {
            return GetEmployee().EmployeEmail;
        }

        public static bool IsAuthenticated()
        {
            return HttpContext.Current.User.Identity.IsAuthenticated;
        }

        public static Employee GetEmployee()
        {
            int id = 0;
            int.TryParse(GetUserId(), out id);
            return ResourceManager.GetEmployee(id);
        }

        public static bool IsAdministrator()
        {
            if (!IsAuthenticated())
            {
                return false;
            }

            Employee e = GetEmployee();

            if (e != null)
            {
                return SecurityManager.IsEmployeeAdmin((e.EmployeID));
            }

            return false;
        }
    }
}

有什么不对吗?

I have this in my web config:
    <compilation debug="true" targetFramework="4.0">
      <assemblies>
        <add assembly="System.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" />
        <add assembly="System.Web.Extensions.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
        <add assembly="System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
      </assemblies>
    </compilation>
    <authentication mode="Forms" />
    <webServices>
      <protocols>
        <add name="HttpGet" />
        <add name="HttpPost" />
      </protocols>
    </webServices>

1 个答案:

答案 0 :(得分:2)

除非另有说明,否则身份验证cookie的默认超时值为30分钟

由于您声称在30分钟后退出,因此我建议您另行指定。

为此,您必须在web.config文件中设置timeout元素的<form />属性。

例如: -

<authentication mode="Forms">
  <forms loginUrl="~/login.aspx" timeout="2880" />
</authentication>