如何知道OWIN cookie什么时候到期?

时间:2014-04-15 17:37:32

标签: .net asp.net-mvc-5 session-cookies owin

我想根据OWIN cookie过期的时间创建某种倒数计时器。我正在使用OWIN和MVC 5,我从默认情况下开始了解SlidingExpiration。我没有使用' session'因为我需要这个应用程序在Web场中生活(我不打算部署会话数据库)。

2 个答案:

答案 0 :(得分:33)

您需要的是在Cookie验证阶段获取CookieValidateIdentityContext。一旦你得到它,提取你需要的任何东西,并将它们保持为Claim或你喜欢的其他方式。

对于使用Asp.NET Identity 2.0的MVC 5,您需要执行两个步骤:

  1. 定义自定义OnValidateIdentity,提取Cookie信息,并将其保留为Claim

    public class Startup
    {
      public void Configuration(IAppBuilder app)
      {
        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
          AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
          Provider = new CookieAuthenticationProvider
          {
            OnValidateIdentity = MyCustomValidateIdentity //refer to the implementation below
          }
        }
      }
    
    
      // this method will be called on every request
      // it is also one of the few places where you can access unencrypted cookie content as CookieValidateIdentityContext
      // once you get cookie information you need, keep it as one of the Claims
      // please ignore the MyUserManager and MyUser classes, they are only for sample, you should have yours
      private static Task MyCustomValidateIdentity(CookieValidateIdentityContext context)
      {
        // validate security stamp for 'sign out everywhere'
        // here I want to verify the security stamp in every 100 seconds.
        // but I choose not to regenerate the identity cookie, so I passed in NULL 
        var stampValidator = SecurityStampValidator.OnValidateIdentity<MyUserManager<Myuser>. MyUser>(TimeSpan.FromSeconds(100), null); 
        stampValidator.Invoke(context);
    
        // here we get the cookie expiry time
        var expireUtc = context.Properties.ExpiresUtc;
    
        // add the expiry time back to cookie as one of the claims, called 'myExpireUtc'
        // to ensure that the claim has latest value, we must keep only one claim
        // otherwise we will be having multiple claims with same type but different values
        var claimType = "myExpireUtc";
        var identity = context.Identity;
        if(identity.HasClaim(c=> c.Type == claimType))
        {
          var existingClaim = identity.FindFirst(claimType);
          identity.RemoveClaim(existingClaim); 
        }
        var newClaim = new Claim(claimType, expireUtc.Value.UtcTicks.ToString());
        context.Identity.AddClaim(newClaim);
    
        return Task.FromResult(0);
      }
    }
    
  2. 访问控制器方法中的Claim

    // since expiry time has now become part of your claims, you now can get it back easily
    // this example just returns the remaining time in total seconds, as a string value
    // assuming this method is part of your controller methods
    
    public string RemainingTime()
    {
      var identity = User.Identity as ClaimsIdentity;
      var claimType = "myExpireUtc";  //NOTE: must be the same key value "myExpireUtc" defined in code shown above
    
      if(identity != null && identity.HasClaim(c=> c.Type == claimType))
      { 
        var expireOn = identity.FindFirstValue(claimType); 
    
        DateTimeOffset currentUtc = DateTimeOffset.UtcNow;
        DateTimeOffset? expireUtc = new DateTimeOffset(long.Parse(expireOn), TimeSpan.Zero);
    
        var remaining = (expireUtc.Value - currentUtc).TotalSeconds;
    
        return remaining.ToString();
      }
      return string.Empty;
    }
    
  3. 我使用这种方法提醒我的应用程序用户在会话超时之前扩展他们的会话。

    感谢这篇文章How do I access Microsoft.Owin.Security.xyz OnAuthenticated context AddClaims values?

答案 1 :(得分:0)

我只是想以第一个答案为基础,因为使用自定义用户存储时,我无法使其正常工作。尽管对我来说,实现似乎更简单

public static class ApplicationCookieValidateIdentityContext
    {
        public static Task ApplicationValidateIdentity(CookieValidateIdentityContext context)
        {          
            var identity = context.Identity;

            if (identity.HasClaim(c => c.Type ==  "expires"))
            {
                var existingClaim = identity.FindFirst( "expires");
                identity.RemoveClaim(existingClaim);
            }

            if (context.Properties.ExpiresUtc == null) return Task.FromResult(0);

            context.Identity.AddClaim(new Claim("expires", context.Properties.ExpiresUtc.ToString()));

            return Task.FromResult(0);
        }
    }

我还创建了一个过滤器,将过期时间添加到cookie

// make sure its defaulted because the claim is not set on the login callback
var expires = DateTimeOffset.Now.AddMinutes(
    Convert.ToDouble(ConfigurationManager.AppSettings["SessionTimeInMinutes"]));


if (identity.HasClaim(c => c.Type == "expires"))
{
    expires = DateTimeOffset.Parse(identity.FindFirstValue("expires"));
}

cookieHeaderValues.Add(new SessionCookeHeaderValue("expiresAt", expires.ToString("O"), expires));