在剃刀页面模型中通过 [Authorize(Roles = "xxx")] 进行身份验证

时间:2021-03-14 14:00:56

标签: asp.net asp.net-core authentication razor-pages

我在 Asp.Net Core Razor Pages 应用程序中使用了 [Authorize(Roles = "xxx")]。它工作正常,但几分钟后(可能是 5 分钟),当我在我的 Crud 中单击“编辑”或“创建”按钮时,它会退出。我该如何解决这个问题?我猜这个角色的存活时间可能只有 5 分钟(默认时间),但我不知道如何删除或更改它。

这是我的 StartUp 课程:

  public class Startup
    {
        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;
        }

        public IConfiguration Configuration { get; }

        // This method gets called by the runtime. Use this method to add services to the container.
        public void ConfigureServices(IServiceCollection services)
        {
            services.Configure<CookiePolicyOptions>(options =>
            {
                options.CheckConsentNeeded = context => true;
                options.MinimumSameSitePolicy = SameSiteMode.None;
            });

            services.AddDbContext<ApplicationDbContext>(options =>
                           options.UseSqlServer(
                               Configuration.GetConnectionString("DefaultConnection")));
            services.AddDatabaseDeveloperPageExceptionFilter();
            services.AddIdentity<IdentityUser, IdentityRole>()
                .AddDefaultTokenProviders()
                .AddEntityFrameworkStores<ApplicationDbContext>();
            services.AddControllersWithViews();
            services.AddRazorPages().AddRazorRuntimeCompilation();


            services.AddScoped<PagingParameter, PagingParameter>();

            services.AddTransient<IEmailSender, EmailSender>();

            services.AddReCaptcha(Configuration.GetSection("ReCaptcha"));
            services.AddLocalization();
        }

        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
                app.UseMigrationsEndPoint();
            }
            else
            {
                app.UseExceptionHandler("/Error");
                // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
                app.UseHsts();
            }
            {

                app.UseHttpsRedirection();
                app.UseStaticFiles();

                app.UseRouting();

                app.UseAuthentication();
                app.UseAuthorization();

                app.UseEndpoints(endpoints =>
                {
                    endpoints.MapControllerRoute(
                    name: "default",
                    pattern: "{controller=Home}/{action=Index}/{id?}");
                    endpoints.MapRazorPages();
                });
            }
        }
    }

2 个答案:

答案 0 :(得分:2)

尝试更改 cookie ExpireTimeSpan

services.ConfigureApplicationCookie(options =>
{
    options.ExpireTimeSpan = TimeSpan.FromMinutes(30);
});

您可以参考doc了解更多详情。

答案 1 :(得分:2)

您有 2 个选项。正如@mj1313 提到的,你可以使用:

services.ConfigureApplicationCookie(options =>
{
    options.SlidingExpiration = true; // instruct the handler to re-issue a new cookie with a new expiration time any time it processes a request which is more than halfway through the expiration window
    options.ExpireTimeSpan = TimeSpan.FromMinutes(30);
});

另一种是在登录时传递 AuthenticationProperties 中的过期时间:

var props = new AuthenticationProperties {
  IsPersistent = true,
  ExpiresUtc = DateTimeOffset.UtcNow.Add(//put expiration time here)
};
相关问题
最新问题