设置了持久性AuthCookie，但将其重定向到登录名 [英] Persistent AuthCookie is set but being redirected to login

问题描述

我在使用持久性AuthCookie时遇到问题.验证和登录工作正常，如果我关闭浏览器并重新打开它，则身份验证仍然有效，因此不会重定向到登录页面. 我不确定确切的时间是什么，但是如果说关闭浏览器而不注销并且仅在20分钟后重新打开它，即使我使用Web开发人员工具进行检查时设置了cookie，我也将被重定向到登录页面.............................................................................它的到期日期是从现在开始的一个月.

I'm having problems with using a persistent AuthCookie. The validation and login works perfectly and if i close the browser and re-open it the authentication is still valid no redirect to the login page is done. I'm not sure what the exact time is but let's say that if close the browser without logging off and only reopen it 20 minutes later I'll be redirected to the login page even though the cookie is set when I check with web developer tools and it's expiration date is one month from now.

验证用户凭据后我要做的只是

All i'm doing after validating the users credentials is

FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);

在我的Web.Config中，我将其设置为

And in my Web.Config I have it set like

<configuration>
    <system.web>
    ...
    <authentication mode="Forms">
        <forms cookieless="UseCookies" loginUrl="~/Utilizador/Login" name="SMOAuth" slidingExpiration="true" timeout="43829"/>
    </authentication>
    ...

还尝试按照建议的

Also tried to hard-code the machine key as suggested here and a few other places, but to no effect

<machineKey validationKey="Validation_Key_Here" decryptionKey="Decrypt_Key_Here" validation="SHA1" decryption="AES"/>

我很难解决这个问题

推荐答案

//this line is NOT ENOUGH for "remember me" to work!!!
FormsAuthentication.SetAuthCookie(userName, true); //DOESN'T WORK!

//###########

//you have to save the "remember me" info inside the auth-ticket as well
//like this:

DateTime expires = DateTime.Now.AddDays(20); //remember for 20 days

//create the auth ticket
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,
    userName,
    DateTime.Now,
    expires, // value of time out property
    true, // Value of IsPersistent property!!!
    String.Empty,
    FormsAuthentication.FormsCookiePath);

//now encrypt the auth-ticket
string encryptedTicket = FormsAuthentication.Encrypt(ticket);

//now save the ticket to a cookie
HttpCookie authCookie = new HttpCookie(
            FormsAuthentication.FormsCookieName,
            encryptedTicket);
authCookie.Expires = expires;

//feed the cookie to the browser
HttpContext.Current.Response.Cookies.Add(authCookie);

这篇关于设置了持久性AuthCookie，但将其重定向到登录名的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！