0

我使用此代码登录网站:

var userId = User.UserId;
var userData = userId.ToString(CultureInfo.InvariantCulture);
var authTicket = new FormsAuthenticationTicket(1, userName, DateTime.Now, DateTime.Now.AddMinutes(30), persistanceFlag, userData, FormsAuthentication.FormsCookiePath);
var encTicket = FormsAuthentication.Encrypt(authTicket);
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket);
if (authTicket.IsPersistent)
     {
          cookie.Expires = DateTime.Now.AddMonths(6);
     }

并在 web.config 中使用 machinekey 和此代码:

<sessionState mode="InProc" timeout="20" cookieless="UseCookies" />
<httpCookies httpOnlyCookies="true" />
<authentication mode="Forms">
  <forms loginUrl="~/Login.aspx" timeout="2880" cookieless="UseCookies" />
</authentication>

但请记住我不工作!我在浏览器中检查 cookie,.ASPXAUTH 已保存并且日期过期没问题。但几分钟后,asp.net 不使用 cookie 是浏览器,记住我不工作!

4

1 回答 1

1

您还希望将 cookie 过期设置为与票证过期相同。

...
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)
            {
                HttpOnly = true,
                Secure = FormsAuthentication.RequireSSL,
                Path = FormsAuthentication.FormsCookiePath
            };
if (authTicket.IsPersistent)
{
   cookie.Expires = encTicket.Expiration;
}
if (FormsAuthentication.CookieDomain != null)
{
   cookie.Domain = FormsAuthentication.CookieDomain;
}
Response.Cookies.Add(cookie);

仅供参考:您可能想要删除timeout="20"哪些cookieless="UseCookies"默认值

于 2013-10-20T19:53:42.787 回答