我目前正在使用ASP.NET核心身份。我无法弄清楚延长会话长度的设置,但我一直在注销 - 我假设有一个大约20分钟的失效时间,但我找不到该设置。请注意,我将Google用作外部OAuth。ASP.NET核心身份到期(谷歌OAuth)
services.AddIdentity<ApplicationUser, IdentityRole>(o =>
{
o.Password.RequireDigit = false;
o.Password.RequireLowercase = false;
o.Password.RequireUppercase = false;
o.Password.RequireNonAlphanumeric = false;
o.Password.RequiredLength = 6;
o.SecurityStampValidationInterval = TimeSpan.FromHours(8);
o.Cookies.ExternalCookie.ExpireTimeSpan = TimeSpan.FromHours(8);
o.Cookies.ApplicationCookie.ExpireTimeSpan = TimeSpan.FromHours(8);
})
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddDefaultTokenProviders();
app.UseIdentityServer();
app.UseIdentityServerAuthentication(new IdentityServerAuthenticationOptions
{
Authority = $"http://localhost:55504/",
RequireHttpsMetadata = false,
AllowedScopes =
{
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
IdentityServerConstants.StandardScopes.Email,
"name",
"given_name",
"family_name",
"role"
}
});
var googleOptions = serviceProvider.GetRequiredService<GoogleOptions>();
app.UseGoogleAuthentication(new GoogleOptions
{
AuthenticationScheme = "Google",
SignInScheme = "Identity.External",
ClientId = googleOptions.ClientId,
ClientSecret = googleOptions.ClientSecret
});
可能的复制[Cookie身份验证在ASP.NET Core中过期过早](https://stackoverflow.com/questions/45595615/c ookie-authentication-expiring-too-soon-in-asp-net-core) – SteelToe
你在哪里以及如何托管你的应用程序? IIS? Azure应用服务?然后,您需要启用数据保护,因此您的Cookie的加密密钥在应用程序重新启动后仍然存在。请参阅[我的答案](https://stackoverflow.com/a/47559544/455493) – Tseng