ASP.Net身份注销所有会话 [英] ASP.Net Identity sign-out all sessions

问题描述

你怎么注销与ASP.NET身份的所有会话？ 比方说你是在登录时从两个不同的浏览器使用相同的用户。当用户登录，从一个浏览器，该浏览器的其他的会议应该无效也是如此。 （我需要这在更改密码的用户的伤病所有会话。）

How do you sign-out all sessions with ASP.NET Identity? Lets say you are signed-in from two different browser with the same user. When the user signs-out from one browser, the session of the other browser should be invalidated as well. (I need this to invalided all sessions of a user on password change.)

您可以登录用以下code当前会话与ASP.Net身份。

You can sign-out the current session with ASP.Net Identity with the following code.

var AutheticationManager = HttpContext.GetOwinContext().Authentication;
AuthenticationManager.SignOut();

这不会注销用户的所有会议。

This will not sign-out all sessions of a user.

编辑： 随着会议的想法是一个很好的起点。我解决了这个问题，并写了一个博客文章如果你有同样的问题。

The idea with the session was a good starting point. I solved the problem and wrote a blog post in case you have the same problem.

推荐答案

您可以通过在列表中添加从Global.asax中新创建的会话实现这一目标。

You can achieve this by adding a newly created session from the Global.asax in a list.

迭代事后比较用户和SignOut用户的会话。

Iterate afterwards to compare the user and SignOut the user's sessions.

protected void Session_Start(object sender, EventArgs e)
{
    MyGlobalObject.Sessions.Add(HttpContext.GetOwinContext().Authentication);
}

和之后，在signout事件：

And later, in the signout event:

private void SignoutAll()
{
    foreach (var authenticationManager in MyGlobalObject.Sessions)
    {
        authenticationManager.SignOut();
    }
}

这篇关于ASP.Net身份注销所有会话的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！