Asp.Net Core 2.0 Cookie Authentication Expires Before Time
up vote
0
down vote
favorite
I have an MVC Asp.Net Core 2.0 application that uses Cookie Authentication. The problem is that the session expires ahead of time and redirects the user to the login path, forcing him to authenticate again.
My Startup Class:
ConfigureServices Method:
const string schema = "adminScheme";
services.AddAuthentication(schema).AddCookie(schema, options =>
{
options.AccessDeniedPath = new PathString("/Account/AcessoNegado");
options.Cookie = new CookieBuilder
{
HttpOnly = true,
Name = ".Admin.Security.Cookie",
Path = "/",
SameSite = SameSiteMode.Lax,
SecurePolicy = CookieSecurePolicy.SameAsRequest
};
options.ExpireTimeSpan = TimeSpan.FromMinutes(480);
options.LoginPath = new PathString("/Account/Login");
options.LogoutPath = new PathString("/Account/Logout");
options.ReturnUrlParameter = "RequestPath";
options.SlidingExpiration = true;
});
on Configure Method:
app.UseAuthentication();
My Login Method:
var cadastro = user.FirstOrDefault();
const string Issuer = "adminScheme";
List<Claim> claims = new List<Claim>
{
new Claim(ClaimTypes.Name, cadastro.NomeUsuario, ClaimValueTypes.String, Issuer),
new Claim("Idusuario",cadastro.Id.ToString(), ClaimValueTypes.String, Issuer),
new Claim("IdtipoUsuario", cadastro.IdtipoUsuario.ToString(), ClaimValueTypes.String, Issuer)
};
ClaimsIdentity identity = new ClaimsIdentity(claims, "cookie");
ClaimsPrincipal principal = new ClaimsPrincipal(identity);
await HttpContext.SignInAsync(scheme: Issuer,
principal: principal,
properties: new AuthenticationProperties
{
IsPersistent = true,
ExpiresUtc = DateTime.UtcNow.AddMinutes(480)
});
return RedirectToLocal(returnUrl);
And I use the [Authorize] In My Controllers.
c# authentication asp.net-core-2.0 session-cookies
asked Nov 16 at 18:18
Wiliam Paulino
213
add a comment |
up vote
0
down vote
favorite
I have an MVC Asp.Net Core 2.0 application that uses Cookie Authentication. The problem is that the session expires ahead of time and redirects the user to the login path, forcing him to authenticate again.
My Startup Class:
ConfigureServices Method:
const string schema = "adminScheme";
services.AddAuthentication(schema).AddCookie(schema, options =>
{
options.AccessDeniedPath = new PathString("/Account/AcessoNegado");
options.Cookie = new CookieBuilder
{
HttpOnly = true,
Name = ".Admin.Security.Cookie",
Path = "/",
SameSite = SameSiteMode.Lax,
SecurePolicy = CookieSecurePolicy.SameAsRequest
};
options.ExpireTimeSpan = TimeSpan.FromMinutes(480);
options.LoginPath = new PathString("/Account/Login");
options.LogoutPath = new PathString("/Account/Logout");
options.ReturnUrlParameter = "RequestPath";
options.SlidingExpiration = true;
});
on Configure Method:
app.UseAuthentication();
My Login Method:
var cadastro = user.FirstOrDefault();
const string Issuer = "adminScheme";
List<Claim> claims = new List<Claim>
{
new Claim(ClaimTypes.Name, cadastro.NomeUsuario, ClaimValueTypes.String, Issuer),
new Claim("Idusuario",cadastro.Id.ToString(), ClaimValueTypes.String, Issuer),
new Claim("IdtipoUsuario", cadastro.IdtipoUsuario.ToString(), ClaimValueTypes.String, Issuer)
};
ClaimsIdentity identity = new ClaimsIdentity(claims, "cookie");
ClaimsPrincipal principal = new ClaimsPrincipal(identity);
await HttpContext.SignInAsync(scheme: Issuer,
principal: principal,
properties: new AuthenticationProperties
{
IsPersistent = true,
ExpiresUtc = DateTime.UtcNow.AddMinutes(480)
});
return RedirectToLocal(returnUrl);
And I use the [Authorize] In My Controllers.
c# authentication asp.net-core-2.0 session-cookies
asked Nov 16 at 18:18
Wiliam Paulino
213
add a comment |
up vote
0
down vote
favorite
up vote
0
down vote
favorite
I have an MVC Asp.Net Core 2.0 application that uses Cookie Authentication. The problem is that the session expires ahead of time and redirects the user to the login path, forcing him to authenticate again.
My Startup Class:
ConfigureServices Method:
const string schema = "adminScheme";
services.AddAuthentication(schema).AddCookie(schema, options =>
{
options.AccessDeniedPath = new PathString("/Account/AcessoNegado");
options.Cookie = new CookieBuilder
{
HttpOnly = true,
Name = ".Admin.Security.Cookie",
Path = "/",
SameSite = SameSiteMode.Lax,
SecurePolicy = CookieSecurePolicy.SameAsRequest
};
options.ExpireTimeSpan = TimeSpan.FromMinutes(480);
options.LoginPath = new PathString("/Account/Login");
options.LogoutPath = new PathString("/Account/Logout");
options.ReturnUrlParameter = "RequestPath";
options.SlidingExpiration = true;
});
on Configure Method:
app.UseAuthentication();
My Login Method:
var cadastro = user.FirstOrDefault();
const string Issuer = "adminScheme";
List<Claim> claims = new List<Claim>
{
new Claim(ClaimTypes.Name, cadastro.NomeUsuario, ClaimValueTypes.String, Issuer),
new Claim("Idusuario",cadastro.Id.ToString(), ClaimValueTypes.String, Issuer),
new Claim("IdtipoUsuario", cadastro.IdtipoUsuario.ToString(), ClaimValueTypes.String, Issuer)
};
ClaimsIdentity identity = new ClaimsIdentity(claims, "cookie");
ClaimsPrincipal principal = new ClaimsPrincipal(identity);
await HttpContext.SignInAsync(scheme: Issuer,
principal: principal,
properties: new AuthenticationProperties
{
IsPersistent = true,
ExpiresUtc = DateTime.UtcNow.AddMinutes(480)
});
return RedirectToLocal(returnUrl);
And I use the [Authorize] In My Controllers.
c# authentication asp.net-core-2.0 session-cookies
asked Nov 16 at 18:18
Wiliam Paulino
213
I have an MVC Asp.Net Core 2.0 application that uses Cookie Authentication. The problem is that the session expires ahead of time and redirects the user to the login path, forcing him to authenticate again.
My Startup Class:
ConfigureServices Method:
const string schema = "adminScheme";
services.AddAuthentication(schema).AddCookie(schema, options =>
{
options.AccessDeniedPath = new PathString("/Account/AcessoNegado");
options.Cookie = new CookieBuilder
{
HttpOnly = true,
Name = ".Admin.Security.Cookie",
Path = "/",
SameSite = SameSiteMode.Lax,
SecurePolicy = CookieSecurePolicy.SameAsRequest
};
options.ExpireTimeSpan = TimeSpan.FromMinutes(480);
options.LoginPath = new PathString("/Account/Login");
options.LogoutPath = new PathString("/Account/Logout");
options.ReturnUrlParameter = "RequestPath";
options.SlidingExpiration = true;
});
on Configure Method:
app.UseAuthentication();
My Login Method:
var cadastro = user.FirstOrDefault();
const string Issuer = "adminScheme";
List<Claim> claims = new List<Claim>
{
new Claim(ClaimTypes.Name, cadastro.NomeUsuario, ClaimValueTypes.String, Issuer),
new Claim("Idusuario",cadastro.Id.ToString(), ClaimValueTypes.String, Issuer),
new Claim("IdtipoUsuario", cadastro.IdtipoUsuario.ToString(), ClaimValueTypes.String, Issuer)
};
ClaimsIdentity identity = new ClaimsIdentity(claims, "cookie");
ClaimsPrincipal principal = new ClaimsPrincipal(identity);
await HttpContext.SignInAsync(scheme: Issuer,
principal: principal,
properties: new AuthenticationProperties
{
IsPersistent = true,
ExpiresUtc = DateTime.UtcNow.AddMinutes(480)
});
return RedirectToLocal(returnUrl);
And I use the [Authorize] In My Controllers.
c# authentication asp.net-core-2.0 session-cookies
c# authentication asp.net-core-2.0 session-cookies
asked Nov 16 at 18:18
Wiliam Paulino
213
asked Nov 16 at 18:18
Wiliam Paulino
213
asked Nov 16 at 18:18
Wiliam Paulino
213
asked Nov 16 at 18:18
Wiliam Paulino
213
asked Nov 16 at 18:18
Wiliam Paulino
213
213
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
up vote
0
down vote
I just tried your code. If you're using the 2.0.x version, change your code as below :
//ClaimsIdentity identity = new ClaimsIdentity(claims, "cookie");
ClaimsIdentity identity = new ClaimsIdentity(claims, "adminScheme");
And now it works flawlessly for me.
By the way, the version of 2.0 has already reached end of life on October 1, 2018. It is suggested to migrate to 2.1.x
answered 16 hours ago
itminus
2,1311217
add a comment |
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
0
down vote
I just tried your code. If you're using the 2.0.x version, change your code as below :
//ClaimsIdentity identity = new ClaimsIdentity(claims, "cookie");
ClaimsIdentity identity = new ClaimsIdentity(claims, "adminScheme");
And now it works flawlessly for me.
By the way, the version of 2.0 has already reached end of life on October 1, 2018. It is suggested to migrate to 2.1.x
answered 16 hours ago
itminus
2,1311217
add a comment |
up vote
0
down vote
I just tried your code. If you're using the 2.0.x version, change your code as below :
//ClaimsIdentity identity = new ClaimsIdentity(claims, "cookie");
ClaimsIdentity identity = new ClaimsIdentity(claims, "adminScheme");
And now it works flawlessly for me.
By the way, the version of 2.0 has already reached end of life on October 1, 2018. It is suggested to migrate to 2.1.x
answered 16 hours ago
itminus
2,1311217
add a comment |
up vote
0
down vote
up vote
0
down vote
I just tried your code. If you're using the 2.0.x version, change your code as below :
//ClaimsIdentity identity = new ClaimsIdentity(claims, "cookie");
ClaimsIdentity identity = new ClaimsIdentity(claims, "adminScheme");
And now it works flawlessly for me.
By the way, the version of 2.0 has already reached end of life on October 1, 2018. It is suggested to migrate to 2.1.x
answered 16 hours ago
itminus
2,1311217
I just tried your code. If you're using the 2.0.x version, change your code as below :
//ClaimsIdentity identity = new ClaimsIdentity(claims, "cookie");
ClaimsIdentity identity = new ClaimsIdentity(claims, "adminScheme");
And now it works flawlessly for me.
By the way, the version of 2.0 has already reached end of life on October 1, 2018. It is suggested to migrate to 2.1.x
answered 16 hours ago
itminus
2,1311217
edited 16 hours ago
answered 16 hours ago
itminus
2,1311217
answered 16 hours ago
itminus
2,1311217
answered 16 hours ago
itminus
2,1311217
2,1311217
add a comment |
add a comment |
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53343360%2fasp-net-core-2-0-cookie-authentication-expires-before-time%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
