asp.net 核心 2.2 razor 页面登录不持久。很快用户必须重新登录
asp.net core 2.2 razor page login not persistent. very soon user must re login
用户登录后很快退出,必须重新登录。
我希望用户在登录后在网站上停留 30 分钟。
正在启动:
services.Configure<CookiePolicyOptions>(options =>
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => false;
options.MinimumSameSitePolicy = SameSiteMode.None;
});
services.AddIdentity<ApplicationUser, ApplicationRole>(options =>
{
options.Password.RequiredLength = 5;
})
.AddDefaultUI(UIFramework.Bootstrap4)
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddDefaultTokenProviders();
// Configure your policies
services.AddAuthorization(options =>
options.AddPolicy("PanelPolicy", policy =>
policy.RequireRole("admin")
));
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(options =>
{
options.Cookie.Expiration = TimeSpan.FromMinutes(30);
options.SlidingExpiration = true;
});
并在登录页面中:
var result = await _signInManager.PasswordSignInAsync(user.UserName, Input.Password, Input.RememberMe, lockoutOnFailure: true);
if (result.Succeeded)
{
_logger.LogInformation("User logged in.");
return LocalRedirect(returnUrl);
}
但在短时间内用户必须重新登录站点
尝试使用下面的代码
services.ConfigureApplicationCookie(options =>
{
options.Cookie.Expiration = TimeSpan.FromMinutes(30);
options.ExpireTimeSpan = TimeSpan.FromMinutes(30);
options.SlidingExpiration = true;
});
或者
services.PostConfigure<CookieAuthenticationOptions>(IdentityConstants.ApplicationScheme,
options =>
{
options.Cookie.Expiration = TimeSpan.FromMinutes(10);
options.SlidingExpiration = true;
options.ExpireTimeSpan = TimeSpan.FromMinutes(10);
});
我使用共享主机。当 iis 中的程序重新启动时,会创建一个新的密钥。因此,先前的令牌无效。所以我们必须管理密钥以使用 reset
有效
这一行解决了我的问题
services.AddDataProtection()
.PersistKeysToFileSystem(new DirectoryInfo(_hostingEnvironment.ContentRootPath))
用户登录后很快退出,必须重新登录。
我希望用户在登录后在网站上停留 30 分钟。
正在启动:
services.Configure<CookiePolicyOptions>(options =>
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => false;
options.MinimumSameSitePolicy = SameSiteMode.None;
});
services.AddIdentity<ApplicationUser, ApplicationRole>(options =>
{
options.Password.RequiredLength = 5;
})
.AddDefaultUI(UIFramework.Bootstrap4)
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddDefaultTokenProviders();
// Configure your policies
services.AddAuthorization(options =>
options.AddPolicy("PanelPolicy", policy =>
policy.RequireRole("admin")
));
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(options =>
{
options.Cookie.Expiration = TimeSpan.FromMinutes(30);
options.SlidingExpiration = true;
});
并在登录页面中:
var result = await _signInManager.PasswordSignInAsync(user.UserName, Input.Password, Input.RememberMe, lockoutOnFailure: true);
if (result.Succeeded)
{
_logger.LogInformation("User logged in.");
return LocalRedirect(returnUrl);
}
但在短时间内用户必须重新登录站点
尝试使用下面的代码
services.ConfigureApplicationCookie(options =>
{
options.Cookie.Expiration = TimeSpan.FromMinutes(30);
options.ExpireTimeSpan = TimeSpan.FromMinutes(30);
options.SlidingExpiration = true;
});
或者
services.PostConfigure<CookieAuthenticationOptions>(IdentityConstants.ApplicationScheme,
options =>
{
options.Cookie.Expiration = TimeSpan.FromMinutes(10);
options.SlidingExpiration = true;
options.ExpireTimeSpan = TimeSpan.FromMinutes(10);
});
我使用共享主机。当 iis 中的程序重新启动时,会创建一个新的密钥。因此,先前的令牌无效。所以我们必须管理密钥以使用 reset
有效这一行解决了我的问题
services.AddDataProtection()
.PersistKeysToFileSystem(new DirectoryInfo(_hostingEnvironment.ContentRootPath))