0

我有一个使用 vnext/core 1.0 的站点设置,它使用 Identity 3 进行身份验证。我可以创建用户,我可以更改密码,我可以正常登录。问题是,它似乎忽略了 ExpireTimespan 属性,因为我在一段时间后被随机踢出应用程序,并且我正在努力深入了解它。

我有自己的用户存储和用户管理器

public IServiceProvider ConfigureServices(IServiceCollection services)
{
    ...

  services.AddIdentity<Domain.Models.User, Domain.Models.UserRole>()
                .AddUserStore<UserStore>()
                .AddRoleStore<RoleStore>()
                .AddUserManager<MyUserManager>()                
                .AddDefaultTokenProviders();

  ...

}

 public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
        {
...

app.UseMyIdentity();

...
}


public static IApplicationBuilder UseMyIdentity(this IApplicationBuilder app)
        {
            if (app == null)
            {
                throw new ArgumentNullException(nameof(app));
            }

            var marker = app.ApplicationServices.GetService<IdentityMarkerService>();
            if (marker == null)
            {
                throw new InvalidOperationException("MustCallAddIdentity");
            }

            var options = app.ApplicationServices.GetRequiredService<IOptions<IdentityOptions>>().Value;

            app.UseCookieAuthentication(options.Cookies.ExternalCookie);
            app.UseCookieAuthentication(options.Cookies.TwoFactorRememberMeCookie);
            app.UseCookieAuthentication(options.Cookies.TwoFactorUserIdCookie);
            CookieAuthenticationOptions appCookie = options.Cookies.ApplicationCookie;

            appCookie.LoginPath = new Microsoft.AspNet.Http.PathString("/Login");
            appCookie.SlidingExpiration = true;
            appCookie.ExpireTimeSpan = TimeSpan.FromHours(8);
            appCookie.CookieName = "MyWebApp";

            app.UseCookieAuthentication(appCookie);
            return app;
        }

登录控制器

var user = await userManager.FindByNameAsync(model.Username);

            if (user != null)
            {
                SignInResult result = await signInManager.PasswordSignInAsync(user, model.Password, false, false);

                if (result.Succeeded)
                {
                    RedirectToActionPermanent("Index", "Home");
                }                   
            }
4

1 回答 1

0

在这里查看我的问题: ASP.NET Core 1.0 - MVC 6 - Cookie Expiration

我遇到了同样的问题,花了几个小时在 github 上浏览 aspnet Identity 的操作系统代码 :-)

您的自定义 UserManager 必须实现 Get/UpdateSecurityStampAsync

public class MyUserManager:UserManager<MinervaUser> 
{
...
    public override bool SupportsUserSecurityStamp
    {
        get
        {
            return true;
        }
    }
    public override async Task<string> GetSecurityStampAsync(MinervaUser user)
    {
        // Todo: Implement something useful here!
        return "Token";
    }

    public override async Task<IdentityResult> UpdateSecurityStampAsync(MinervaUser user)
    {
        // Todo: Implement something useful here!
        return IdentityResult.Success;
    }
于 2016-05-22T19:41:07.507 回答