asp.net-mvc-5 – 如何在ASP.NET MVC 5中设置Forms Auth cookie expiration?

2019年8月4日 189次阅读

在我的AccountController的Login方法中,我有以下内容:

var claims = new List<Claim>();
claims.Add(new Claim(ClaimTypes.Name, model.UserName));
AuthenticationManager.SignIn(
  new AuthenticationProperties { IsPersistent = model.RememberMe,
                                 ExpiresUtc = expiry },
  new ClaimsIdentity(claims, DefaultAuthenticationTypes.ApplicationCookie));

expiry是计算的DateTimeOffset值.

无论我为到期值设置什么,.AspNet.ApplicationCookie的到期时间总是14天.

有没有办法自定义此到期值?

它与https://katanaproject.codeplex.com/workitem/115有关吗?

请注意,在Startup.Auth.cs中,我没有设置ExpireTimeSpan属性.当我设置该属性时,它的值被尊重,并且上面的方法仍然没有做任何事情.

最佳答案 这是在2014年4月16日的
this commit修复.

    protected override async Task ApplyResponseGrantAsync()
    ...
    DateTimeOffset issuedUtc = Options.SystemClock.UtcNow; 
(-) DateTimeOffset expiresUtc = issuedUtc.Add(Options.ExpireTimeSpan);
    context.Properties.IssuedUtc = issuedUtc; 
(-) context.Properties.ExpiresUtc = expiresUtc;
(+) if (!context.Properties.ExpiresUtc.HasValue)
(+) {
(+)     context.Properties.ExpiresUtc = issuedUtc.Add(Options.ExpireTimeSpan);
(+) } 

    Options.Provider.ResponseSignIn(context); 

    if (context.Properties.IsPersistent)
    {
(+)    DateTimeOffset expiresUtc = context.Properties.ExpiresUtc ?? issuedUtc.Add(Options.ExpireTimeSpan);
       cookieOptions.Expires = expiresUtc.ToUniversalTime().DateTime;
    }
点赞