我似乎在理解Identity 2.0和Cookie的工作方式时遇到了一些麻烦。 ASP.NET MVC 5.
我想要的: 如果用户登录并且他选中了“记住我”复选框,我不希望他被注销。但会发生的是:用户在一定时间后退出。
如果用户在时间跨度之前关闭浏览器,则“记住我”功能有效。 (当他重新打开网站时,他仍然登录。)
这是我登录的代码:
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
if (!ModelState.IsValid)
{
return View(model);
}
// Require the user to have confirmed their email before they can log on.
var user = await UserManager.FindByNameAsync(model.Email);
if (user != null)
{
if (!await UserManager.IsEmailConfirmedAsync(user.Id))
{
await SendEmailConfirmationTokenAsync(user.Id);
ModelState.AddModelError("", "Gelieve eerst je e-mailadres te bevestigen.");
return View(model);
}
}
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, change to shouldLockout: true
var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: true);
switch (result)
{
case SignInStatus.Success:
return RedirectToLocal(returnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Ongeldige aanmeldpoging.");
return View(model);
}
}
这是Startup.Auth中的代码:
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
ExpireTimeSpan = TimeSpan.FromMinutes(5),
Provider = new CookieAuthenticationProvider
{
// Enables the application to validate the security stamp when the user logs in.
// This is a security feature which is used when you change a password or add an external login to your account.
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser, int>(
validateInterval: TimeSpan.FromMinutes(10),
regenerateIdentityCallback: (manager, user) => user.GenerateUserIdentityAsync(manager),
getUserIdCallback: (id) => (id.GetUserId<int>()))
}
});
所以我希望用户在5分钟后不会注销,因为在PasswordSignInAsync函数中设置了isPersistent标志。
Thanx寻求帮助。