How to handle cookie expiration in asp.net core

Question

I would like to know how to properly handle the fact that the cookie expired? Is it possible to execute a custom action ?

What I would like to achieve is that when the c

Answer 1

Looks like you need your own handler for OnValidatePrincipal event when setuping cokies auth middleware:

OnValidatePrincipal event can be used to intercept and override validation of the cookie identity

app.UseCookieAuthentication(options =>
{
    options.Events = new CookieAuthenticationEvents
    {
        OnValidatePrincipal = 
    };
});

Documentation contains example of such handle:

public static class LastChangedValidator
{
    public static async Task ValidateAsync(CookieValidatePrincipalContext context)
    {
        // Pull database from registered DI services.
        var userRepository = context.HttpContext.RequestServices.GetRequiredService();
        var userPrincipal = context.Principal;

        // Look for the last changed claim.
        string lastChanged;
        lastChanged = (from c in userPrincipal.Claims
                       where c.Type == "LastUpdated"
                       select c.Value).FirstOrDefault();

        if (string.IsNullOrEmpty(lastChanged) ||
            !userRepository.ValidateLastChanged(userPrincipal, lastChanged))
        {
            context.RejectPrincipal();
            await context.HttpContext.Authentication.SignOutAsync("MyCookieMiddlewareInstance");
        }
    }
}