如何在MVC中显示Asp.net Identity cookie expire popup

时间:2018-05-05 09:22:36

标签: c# asp.net-core owin identity

我有一个MVC 5 Web API应用程序,它使用ASP.NET Identity进行身份验证和授权。这是一个单页面应用程序,用户可以使用电子邮件和密码登录。如果用户空闲一段时间,我必须显示会话过期弹出窗口。

我尝试在web.config中使用Session.Timeout。它不起作用,因为我的应用程序不会刷新。所有客户端都使用AJAX通信服务器。

如何根据Cookie超时显示会话过期?

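/// <summary>
/// Configures the OWIN pipeline: cookie authentication with a sliding idle window
/// plus an absolute session lifetime, the external sign-in cookie, the optional
/// third-party login providers, and SignalR.
/// </summary>
/// <param name="app">The OWIN application builder the middleware is registered on.</param>
/// <exception cref="InvalidOperationException">
/// Thrown when the "ExpireTime" app setting is not a positive whole number of minutes,
/// or when a provider setting is missing while "OAuth" is enabled.
/// </exception>
/// <remarks>
/// The expiry that matters is enforced here, on the server. The authentication cookie
/// is HttpOnly by default, so page script cannot read its expiry; a client-side
/// "session expired" popup has to be given the configured minutes some other way and
/// should be treated as a convenience, not as the enforcement point.
/// </remarks>
public void ConfigureAuth(IAppBuilder app)
{
    // Key under which the absolute deadline (UTC ticks) is stored inside the protected
    // authentication ticket, and how long after sign-in that deadline falls.
    const string absoluteExpiryKey = "absolute";
    TimeSpan absoluteLifetime = TimeSpan.FromHours(10);

    // "ExpireTime" is the idle window in minutes. A missing value used to convert to 0,
    // which silently produced tickets that expire immediately, so fail fast instead.
    string expireTimeConfig = WebConfigurationManager.AppSettings["ExpireTime"];
    int expireTimeSpan;
    bool expireTimeValid = int.TryParse(
        expireTimeConfig,
        System.Globalization.NumberStyles.Integer,
        System.Globalization.CultureInfo.InvariantCulture,
        out expireTimeSpan);
    if (!expireTimeValid || expireTimeSpan <= 0)
    {
        throw new InvalidOperationException(
            "appSetting 'ExpireTime' must be a positive whole number of minutes.");
    }

    // Reads a mandatory app setting and names the missing key (never the value)
    // instead of failing with a NullReferenceException.
    Func<string, string> requiredSetting = key =>
    {
        string settingValue = WebConfigurationManager.AppSettings[key];
        if (string.IsNullOrWhiteSpace(settingValue))
        {
            throw new InvalidOperationException("Missing appSetting '" + key + "'.");
        }

        return settingValue;
    };

    // Enable the application to use a cookie to store information for the signed in user
    app.UseCookieAuthentication(new CookieAuthenticationOptions
    {
        CookieName = "APP",
        AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
        LoginPath = new PathString("/Account/Login"),
        ExpireTimeSpan = TimeSpan.FromMinutes(expireTimeSpan),
        // Sliding expiration re-issues the cookie on requests made late in the window,
        // so only real requests to the server extend the session.
        SlidingExpiration = true,
        // NOTE(review): CookieSecure is left at its default (SameAsRequest); set
        // CookieSecureOption.Always once the site is served over HTTPS only.
        Provider = new CookieAuthenticationProvider()
        {
            //  OnValidateIdentity = MyCustomValidateIdentity, //refer to the implementation below
            //    OnValidateIdentity = ImpersonatingSecurityStampValidator.OnValidateIdentity<UserManager, User>(
            //validateInterval: TimeSpan.FromMinutes(10),
            //regenerateIdentity: (manager, user) => manager.CreateIdentityAsync(user)),

            // Only non-API requests are redirected to the login page; API callers are
            // left with the original response (presumably a 401 the client can react to).
            OnApplyRedirect = ctx =>
            {
                if (!IsApiRequest(ctx.Request))
                {
                    ctx.Response.Redirect(ctx.RedirectUri);
                }
            },

            // Stamp the ticket with an absolute deadline at sign-in. The indexer is used
            // so that properties which already carry the key do not make Add throw, and
            // the value is written culture-invariantly so it always parses back.
            OnResponseSignIn = ctx =>
            {
                long deadlineTicks = ctx.Options.SystemClock.UtcNow.Add(absoluteLifetime).UtcTicks;
                ctx.Properties.Dictionary[absoluteExpiryKey] =
                    deadlineTicks.ToString(System.Globalization.CultureInfo.InvariantCulture);
            },

            // Fail closed: a ticket without a readable deadline, or past it, is rejected
            // no matter how recently the sliding window was renewed.
            OnValidateIdentity = ctx =>
            {
                bool reject = true;
                string value;
                if (ctx.Properties.Dictionary.TryGetValue(absoluteExpiryKey, out value))
                {
                    long ticks;
                    if (long.TryParse(
                            value,
                            System.Globalization.NumberStyles.Integer,
                            System.Globalization.CultureInfo.InvariantCulture,
                            out ticks))
                    {
                        reject = ctx.Options.SystemClock.UtcNow.UtcTicks > ticks;
                    }
                }

                if (reject)
                {
                    ctx.RejectIdentity();
                    // optionally clear cookie
                    ctx.OwinContext.Authentication.SignOut(ctx.Options.AuthenticationType);
                }

                return Task.FromResult(0);
            }
        },
    });

    // Use a cookie to temporarily store information about a user logging in with a third party login provider
    app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

    // Convert.ToBoolean maps a missing (null) setting to false, so an absent "OAuth"
    // key now simply disables the external providers instead of throwing.
    if (Convert.ToBoolean(WebConfigurationManager.AppSettings["OAuth"]))
    {
        // Provider secrets are read from appSettings.
        // NOTE(review): keep the real values out of source control, for example in an
        // external or encrypted configuration section.
        app.UseMicrosoftAccountAuthentication(new MicrosoftAccountAuthenticationOptions
        {
            ClientId = requiredSetting("microsoftClientId"),
            ClientSecret = requiredSetting("microsoftClientSecret"),
            Scope = { "wl.basic", "wl.emails" }
        });

        app.UseTwitterAuthentication(
            consumerKey: requiredSetting("twitterConsumerKey"),
            consumerSecret: requiredSetting("twitterConsumerSecret"));

        app.UseFacebookAuthentication(new FacebookAuthenticationOptions
        {
            AppId = requiredSetting("facebookAppId"),
            AppSecret = requiredSetting("facebookAppSecret"),
            Scope = { "email" }
        });

        var options = new GoogleOAuth2AuthenticationOptions
        {
            ClientId = requiredSetting("googleClientId"),
            ClientSecret = requiredSetting("googleClientSecret"),
            Provider = new GoogleOAuth2AuthenticationProvider
            {
                // Hook for post-authentication work. The context exposes AccessToken,
                // Name, Email and the full JSON-serialized User; nothing is read here
                // because nothing is done with the values. AccessToken is a credential:
                // handle it as one if it is ever stored or logged.
                OnAuthenticated = context => Task.FromResult(0)
            }
        };

        app.UseGoogleAuthentication(options);

        app.UseLinkedInAuthentication(
            clientId: requiredSetting("linkedInClientId"),
            clientSecret: requiredSetting("linkedInClientSecret"));

        app.UseYahooAuthentication(
            consumerKey: requiredSetting("yahooConsumerKey"),
            consumerSecret: requiredSetting("yahooConsumerSecret"));
    }

    // app.UseKentorAuthServicesAuthentication(CreateAuthServicesOptions( ));

    // NOTE(review): SignalR traffic passes through the cookie middleware registered
    // above; confirm whether its background requests renew the sliding window, since
    // that would keep an otherwise idle session alive.
    app.MapSignalR();
}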

如何在客户端上阅读ExpireTimeSpan并显示会话超时弹出窗口?

1 个答案:

答案 0 :(得分:0)

基本上,在body标签上添加onload来调用StartTimers()。您还可以在body标签上添加onmousemove来调用ResetTimers(),这样只要页面上存在活动,就不会触发超时。如果页面上没有鼠标活动,则显示对话框;如果检测到鼠标移动,则对话框关闭,计时器重置。

示例:

as
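// Idle-timeout settings, in milliseconds.
// These timers only drive the popup; the session itself ends when the server-side
// authentication cookie expires, so the values should be derived from the server's
// configured expiry rather than chosen independently.
var timoutWarning = 60000; // Show the warning dialog after 1 minute without activity.
var timoutNow = 120000; // Leave the page after 2 minutes without activity.
var logoutUrl = 'http://www.asp.net'; // Sample value: URL of the logout page.

// Handles returned by setTimeout, kept so the pending timers can be cancelled.
var warningTimer;
var timeoutTimer;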

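// Start timers.
// Arms the warning timer and the logout timer and stores their handles.
// Function references are passed instead of code strings: the string form is
// evaluated like eval() and is refused by a Content-Security-Policy that does not
// allow 'unsafe-eval'.
function StartTimers() {
    warningTimer = setTimeout(IdleWarning, timoutWarning);
    timeoutTimer = setTimeout(IdleTimeout, timoutNow);
}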

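// Reset timers.
// Cancels both pending timers, re-arms them and hides the warning if it is showing.
// This resets the client-side countdown only: no request is sent, so the server's
// sliding cookie expiry is not renewed by mouse movement alone.
function ResetTimers() {
    clearTimeout(warningTimer);
    clearTimeout(timeoutTimer);
    StartTimers();

    // Calling dialog('close') before the dialog widget has been created throws, and
    // this function runs on every mouse move, so close only an initialized dialog.
    var $dialog = $("#timeout");
    if ($dialog.hasClass("ui-dialog-content")) {
        $dialog.dialog('close');
    }
}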

// Opens the idle-timeout warning as a modal dialog on the #timeout element.
function IdleWarning() {
    var dialogOptions = { modal: true };
    var $warning = $("#timeout");
    $warning.dialog(dialogOptions);
}

// Sends the browser to the logout page once the idle limit has been reached.
function IdleTimeout() {
    var target = logoutUrl;
    window.location.href = target;
}