C# .Net核心cookie身份验证持久性不存在';不能在生产环境中工作
我在应用程序中使用cookie身份验证,当在开发环境中运行cookie时,cookie会保持良好状态,但当我在生产环境中使用cookie时,它会要求我在一段时间不活动后再次登录。cookie尚未过期,应该仍然有效,但应用程序不接受它。 我希望有人能告诉我为什么我会有这种行为,这是我的C# .Net核心cookie身份验证持久性不存在';不能在生产环境中工作,c#,asp.net-core,cookies,.net-core,C#,Asp.net Core,Cookies,.net Core,我在应用程序中使用cookie身份验证,当在开发环境中运行cookie时,cookie会保持良好状态,但当我在生产环境中使用cookie时,它会要求我在一段时间不活动后再次登录。cookie尚未过期,应该仍然有效,但应用程序不接受它。 我希望有人能告诉我为什么我会有这种行为,这是我的Startup.cs代码,用于configureservices: services.AddDbContext<MyDBContext>(o => o.UseSqlServer(Co
Startup.cs
代码,用于configureservices
:
services.AddDbContext<MyDBContext>(o => o.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));
services.AddTransient<IPasswordHasher<IdentityUser<int>>, MyPasswordHasher>();
services.AddDefaultIdentity<IdentityUser<int>>().AddRoles<IdentityRole<int>>().AddEntityFrameworkStores<MyDBContext>().AddDefaultTokenProviders();
services.AddTransient<RoleManager<IdentityRole<int>>, MyRoleManager>();
services.AddTransient<UserManager<IdentityUser<int>>, MyUserManager>();
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme).AddCookie(
options =>
{
options.Cookie.SecurePolicy = CookieSecurePolicy.SameAsRequest;
options.Cookie.SameSite = SameSiteMode.Strict;
options.LoginPath = "/Home/Login";
options.LogoutPath = "/Home/Login";
options.Cookie.HttpOnly = true;
options.Cookie.Name = "Auth";
options.SlidingExpiration = true;
options.ExpireTimeSpan = TimeSpan.FromDays(30);
options.ClaimsIssuer = Configuration["DomainIssuer"];
options.Events = new CookieAuthenticationEvents();
options.Events.OnRedirectToAccessDenied = c =>
{
c.Response.StatusCode = (int)HttpStatusCode.Forbidden;
return Task.CompletedTask;
};
}
);
var claims = new List<Claim>
{
new Claim(ClaimTypes.NameIdentifier,usr.Id.ToString()),
new Claim(ClaimTypes.Name,usr.UserName),
new Claim(ClaimTypes.Email,usr.Email),
};
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
AuthenticationProperties authProperties = new AuthenticationProperties
{
RedirectUri = string.IsNullOrEmpty(returnUrl) ? Url.Action(nameof(Index)):returnUrl,
ExpiresUtc = DateTimeOffset.UtcNow.AddDays(30),
AllowRefresh = true,
IsPersistent = loginModel.RememberMe
};
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity), authProperties);