0

我在我的应用程序中使用带有自定义实体的表单身份验证。

我遇到的问题是我的身份验证会话比我预期的 10 分钟快到期。

我认为每次收到该 cookie 的经过身份验证的请求时,我可能需要更新 cookie?

这是保持会话活跃的正确做法吗?

谢谢-要遵循的代码:

网络配置

<authentication mode="Forms">
  <forms loginUrl="/Admin/Account/LogOn" slidingExpiration="true" />
</authentication>

登录时

        var identity = new AppIdentity(member.Fullname, member.Id, roles.ToArray());
        FormsAuthentication.SetAuthCookie(identity.ToString(), false);

        var myCookie = FormsAuthentication.GetAuthCookie(identity.ToString(), false);
        myCookie.Domain = string.Format(".{0}", "mydomain.com");
        HttpContext.Current.Response.AppendCookie(myCookie);

全球.cs

    protected void Application_AuthenticateRequest(object sender, EventArgs e)
    {
        var cookie = Request.Cookies[FormsAuthentication.FormsCookieName];
        var ticket = TryDecryptCookie(cookie);

        if (ticket == null)
        {
            return;
        }

        var identity = new AppIdentity(ticket);
        var principal = new GenericPrincipal(identity, identity.Roles);

        Context.User = principal;
    }
4

1 回答 1

0

我最终只是在需要时延长了到期时间。

protected void Application_AuthenticateRequest(object sender, EventArgs e)
    {
        HttpCookie cookie = Request.Cookies[FormsAuthentication.FormsCookieName];
        FormsAuthenticationTicket ticket = TryDecryptCookie(cookie);

        if (ticket == null)
        {
            return;
        }

        FormsAuthenticationTicket newTicket = ticket;

        if (FormsAuthentication.SlidingExpiration)
        {
            newTicket = FormsAuthentication.RenewTicketIfOld(ticket);
        }

        var identity = new AppIdentity(newTicket);
        var principal = new GenericPrincipal(identity, identity.Roles);

        Context.User = principal;
    }
于 2013-04-01T21:30:16.783 回答