使用asp.net identity 2.0后,我的用户在会话到期后没有注销

时间:2015-08-14 12:03:56

标签: c# asp.net asp.net-mvc session asp.net-identity-2

我有一个使用Identity 2进行身份验证的MVC应用程序。登录后,如果我关闭浏览器然后再次打开应用程序,则会出现3个问题。

  1. 用户未被重定向到登录页面
  2. 会话仍包含声明中的部分用户详细信息
  3. 会话缺少声明中不属于身份框架的其他自定义信息

    4. 我正在使用IIS在Windows Server上运行该应用程序,但我可以在我的本地开发环境中重现该问题

    我正在调试问题时,cookie和服务器上的会话都设置为在1分钟后过期

    enter image description here 

    app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
                LoginPath = new PathString(url.Action("LogIn","Auth")),
                Provider = new CookieAuthenticationProvider
                {
                    // Enables the application to validate the security stamp when the user logs in.
                    // This is a security feature which is used when you change a password or add an external login to your account.  
                    OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, User>(
                        validateInterval: TimeSpan.FromMinutes(1),
                        regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
                },
                CookieName = "MyApplication"
            });

1 个答案:

答案 0 :(得分:1)

问题是我从未将cookie设置为过期,添加以下2行修复了我遇到的问题

SlidingExpiration = true, 
ExpireTimeSpan = TimeSpan.FromMinutes(30)

    app.UseCookieAuthentication(new CookieAuthenticationOptions
    {
        AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
        LoginPath = new PathString(url.Action("LogIn","Auth")),
        Provider = new CookieAuthenticationProvider
        {
            // Enables the application to validate the security stamp when the user logs in.
            // This is a security feature which is used when you change a password or add an external login to your account.  
            OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, User>(
                validateInterval: TimeSpan.FromMinutes(30),
                regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
        },
        CookieName = "MyApplication", 
        SlidingExpiration = true, 
        ExpireTimeSpan = TimeSpan.FromMinutes(30)
    });
相关问题
最新问题