All geek questions in one place

ASP.NET MVC authentication cookie

My web application cookie authentication time is after the day when I try to log in again. I am trying to access the application through Nokia browser and Internet Explorer, and both have the same behavior.

This is my login process:

    [HttpPost]
    [SuppressMessage("Microsoft.Design", "CA1054:UriParametersShouldNotBeStrings",
                      Justification = "Needs to take same parameter type as Controller.Redirect()")]
    public ActionResult LogOn(LogOnModel model, string returnUrl)
    {
        if (MembershipService.ValidateUser(model.UserName, model.Password))
        {
            //FormsService.SignIn(model.UserName, model.RememberMe);
            FormsAuthenticationTicket Authticket = new
                        FormsAuthenticationTicket(1,
                        model.UserName,
                        DateTime.Now,
                        DateTime.Now.AddYears(1),
                        true,
                        "",
                        FormsAuthentication.FormsCookiePath);

            string hash = FormsAuthentication.Encrypt(Authticket);

            HttpCookie Authcookie = new HttpCookie(FormsAuthentication.FormsCookieName, hash);

            if (Authticket.IsPersistent) Authcookie.Expires = Authticket.Expiration;

            Response.Cookies.Add(Authcookie);

            if (!String.IsNullOrEmpty(returnUrl))
            {
                return Redirect(returnUrl);
            }
            return RedirectToAction("Index", "Home");
        }
        ModelState.AddModelError("", "The user name or password provided is incorrect.");

        // If we got this far, something failed, redisplay form
        return View(model);
    }

My settings web.config:

<forms loginUrl="~/consignment/Account/LogOn" timeout="2880" protection="All" name=".consignmentauthadmin"/>

I'm trying to:

    [HttpPost]
    [SuppressMessage("Microsoft.Design", "CA1054:UriParametersShouldNotBeStrings",
                     Justification = "Needs to take same parameter type as Controller.Redirect()")]
    public ActionResult LogOn(LogOnModel model, string returnUrl)
    {
        if (MembershipService.ValidateUser(model.UserName, model.Password))
        {
            //FormsService.SignIn(model.UserName, model.RememberMe);
            FormsAuthenticationTicket Authticket = new
                        FormsAuthenticationTicket(1,
                        model.UserName,
                        DateTime.Now,
                        DateTime.Now.AddYears(1),
                        true,
                        "",
                        FormsAuthentication.FormsCookiePath);

            string hash = FormsAuthentication.Encrypt(Authticket);

            HttpCookie Authcookie = new HttpCookie(FormsAuthentication.FormsCookieName, hash);

            if (Authticket.IsPersistent) Authcookie.Expires = Authticket.Expiration;

            Response.Cookies.Add(Authcookie);

            if (!String.IsNullOrEmpty(returnUrl))
            {
                return Redirect(returnUrl);
            }
            return RedirectToAction("Index", "Home");
        }
        ModelState.AddModelError("", "The user name or password provided is incorrect.");

        // If we got this far, something failed, redisplay form
        return View(model);
    }

I do not want the expiration of the authenticity to expire until I exit the application. What am I doing wrong?

+3
source share
1 answer

Try looking at the IIS application pool for the web server, it has an “application update” that is configured by default. turn it off ... this should solve your problem.

+2
source

Source: https://habr.com/ru/post/1755225/

More articles:


All Articles