FormsAuthenticationTicket.expiration v web.config value timeout

▼魔方 西西 提交于 2019-12-03 00:46:15

Because you are manually creating the authentication cookie, the timeout value in your web.config is completely ignored. So I would recommend you having the same value:

var ticket = new FormsAuthenticationTicket(
    1,
    user.UserID,
    DateTime.Now,
    DateTime.Now.AddMinutes(FormsAuthentication.Timeout.TotalMinutes),
    false,
    "user,user1",
    FormsAuthentication.FormsCookiePath
);
var encryptedTicket = FormsAuthentication.Encrypt(ticket);
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)
{
    HttpOnly = true,
    Secure = FormsAuthentication.RequireSSL,
    Path = FormsAuthentication.FormsCookiePath,
    Domain = FormsAuthentication.CookieDomain
};
Response.AppendCookie(cookie);
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!